BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: Bypassing of web filters by using ASCII Jun 21 2006 11:57PM
RSnake (rsnake shocking com)

Jeremiah Grossman and I were able to get a proof of concept
working based off of Kurt's work that actually runs a simple piece of
JavaScript in IE, without using open or close angle brackets. Here's
the link to the post:

http://ha.ckers.org/blog/20060621/us-ascii-xss-part-2/

I concur that it...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus