WebApp Sec mailing list archives
Re: XSS Filter Evasion
From: Wil Clouser <clouserw () gmail com>
Date: Mon, 13 Apr 2009 07:47:34 -0700
There is no need to close it if you can inject something with onclick="" or a similar attribute. Wil On Sun, Apr 12, 2009 at 3:07 AM, cAs <writemecas () googlemail com> wrote:
Hello everybody, i recently tested a web application for XSS vulnerabilities. There i found a search function where i did the following: Injected String: "test Source Code Result: <input autocomplete="off" class="searchbox" type="text" name="searchInclude" id="q" value=""test"/> "YES!" - i thought, but this "simple" target turned out to be a hard job. The next thing i did was injecting this: Injected String: ">test Source Code Result: <input autocomplete="off" class="searchbox" type="text" name="searchInclude" id="q" value=""gttest"/> So the < > get filtered, as well as (). Is there still a way to close the input tag? Greetings, cAs
Current thread:
- XSS Filter Evasion cAs (Apr 13)
- Re: XSS Filter Evasion Wil Clouser (Apr 13)