Wednesday, October 25, 2006

Javascript injection

Problem: JavaScript can be injected into the /?rawURL= field...

ex: www.server.com/?rawURL=
pops up a JavaScript alert...

This could be hazardous. Example (the alert pops up 100 times):
www.server.com/?rawURL=javascript:for(var i = 0; i < 100; i++) alert();</script>
The field filters the " character by turning it into \", which gets in the way of the various things you can usually do with JavaScript injection. This should be fixed nonetheless, and it's possible that the " character has a workaround.
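The example below is added here and is not code from the affected site. It shows why escaping only the " character does not stop the payload above, next to a stricter handling of the parameter. All function names are hypothetical, and it assumes the rawURL value is echoed back into the page as a link.

```javascript
// Added example; function names are hypothetical, not from the affected site.

// The filter the post describes: only the double quote is backslash-escaped.
function weakFilter(value) {
  return value.replace(/"/g, '\\"');
}

// Hardened step 1: accept only absolute http(s) URLs, so javascript: and other
// script-bearing schemes are rejected before anything is written to the page.
function safeRawUrl(value) {
  let url;
  try {
    url = new URL(value);
  } catch (e) {
    return null; // not an absolute URL
  }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return null;
  return url.href;
}

// Hardened step 2: HTML-encode for the output context instead of backslash-escaping.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return value.replace(/[&<>"']/g, (c) => map[c]);
}

// Assumed output context: the value is rendered as a link in the HTML body.
function renderLink(rawUrl) {
  const safe = safeRawUrl(rawUrl);
  if (safe === null) return '<span>invalid URL</span>';
  const enc = escapeHtml(safe);
  return '<a href="' + enc + '">' + enc + '</a>';
}

// The payload quoted in the post; it contains no double quote at all.
const PAGE_PAYLOAD = 'javascript:for(var i = 0; i < 100; i++) alert();</script>';

console.log(weakFilter(PAGE_PAYLOAD) === PAGE_PAYLOAD); // filter changes nothing
console.log(renderLink(PAGE_PAYLOAD));
console.log(renderLink('https://example.com/a?b=1&c=2'));
```

The quote filter leaves the payload untouched because the payload never uses a quote, while the scheme allowlist rejects it regardless of which characters it contains.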
