|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Full-disclosure] file upload widgets in IE and Firefox have issues
From: Michel Lemay (mlemay
coveo.com)
Date: Wed Jun 07 2006 - 08:43:47 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Would it be possible to use a similar technique to generate an URL with
query parameters containing user keystrokes? This URL could then be
submitted to any compromised website. The attacker could then look into
logs and have a peek at theses submitted requests.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]