BugTraq
Back to list
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
Re: Bypassing of web filters by using ASCII
Jun 21 2006 11:57PM
RSnake (rsnake shocking com)
Jeremiah Grossman and I were able to get a proof of concept
working based off of Kurt's work that actually runs a simple piece of
JavaScript in IE, without using open or close angle brackets. Here's
the link to the post:
http://ha.ckers.org/blog/20060621/us-ascii-xss-part-2/
I concur that it...
[ more ]
Privacy Statement
Copyright 2010, SecurityFocus
Jeremiah Grossman and I were able to get a proof of concept
working based off of Kurt's work that actually runs a simple piece of
JavaScript in IE, without using open or close angle brackets. Here's
the link to the post:
http://ha.ckers.org/blog/20060621/us-ascii-xss-part-2/
I concur that it...
[ more ]