Web Application Security
Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: [WEB SECURITY] Help with referer issues in XSS
Mar 05 2012 01:24PM
Stefano Di Paola (stefano dipaola wisec it)
Also check for:
5. www.example.com.attacker.com/.. as the referrer
just in case the referrer checking regexp is broken.
Il giorno ven, 02/03/2012 alle 18.30 -0800, super evr ha scritto:
> Here's a couple things to try that I've learned in my experience.
> First you can find o...
[ more ]
Copyright 2010, SecurityFocus