[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [WEB SECURITY] Useful technique when performing XSS

To: "pdp (architect)" <pdp.gnucitizen@xxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] [WEB SECURITY] Useful technique when performing XSS
From: Amit Klein <aksecurity@xxxxxxxxx>
Date: Wed, 07 Feb 2007 22:03:26 +0200

pdp (architect) wrote:
> http://www.gnucitizen.org/blog/playing-in-large
>
> Basically this article is about how to squeeze more data into size
> restricted, unsanitized field. This technique can also be used to hide
> attackers activities.
>
It seems that you've stumbled upon something I already disclosed:
http://www.webappsec.org/lists/websecurity/archive/2005-10/msg00030.html

Sorry...
-Amit

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] [WEB SECURITY] Useful technique when performing XSS
  - From: pdp (architect)

References:
- [Full-disclosure] Useful technique when performing XSS
  - From: pdp (architect)

Prev by Date: Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)
Next by Date: Re: [Full-disclosure] [WEB SECURITY] Useful technique when performing XSS
Previous by thread: [Full-disclosure] Useful technique when performing XSS
Next by thread: Re: [Full-disclosure] [WEB SECURITY] Useful technique when performing XSS
Index(es):
- Date
- Thread