|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Alex Lambert (alambert_at_webmaster.com)
Date: Thu Jul 18 2002 - 21:30:36 CDT
&{ and } provide the same functionality as <script> in </script> in NS4, I
believe.
apl
----- Original Message -----
From: "zeno" <bugtraq
cgisecurity.net>
To: <webappsecsecurityfocus.com>
Sent: Thursday, July 18, 2002 5:53 PM
Subject: risks of # and & (XSS)
> hello,
>
> I'm curious would # and & be considered a XSS threat if <> and () where
stripped?
> If so can anyone provide an example?
>
>
>
> Thanks
> zenocgisecurity.com
>
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]