Search found 1 match

by naez
Mon Mar 31, 2008 3:48 pm
Forum: [3.0/Olympus] Discussion
Topic: Found a possible XSS vulnerability
Replies: 2
Views: 4583

Found a possible XSS vulnerability

PHPBB only stops javascript by changing colons to their html entity value (:) The problem is that javascript is a tricky thing, and can still function even when it is completely garbled. For instance: Javascript:alert('XSS'); , will still make a popup window. I haven't found a way t...