Posted by Christian Decker on 12/17/05 19:03

Hi,

I'm trying to figure out how my users may use (or better misuse) the
input fields of my site to to insert JavaScript. I'm already replacing
all occurencies of "script" in every input field but I wanted to know
if anybody here ever stumbled upon a trick to disguise the <script>
tag?

Greets,
Snyke

• Next in forum: Sessions are driving me to insanity
• Prev in forum: XSS: Ways to disguise JavaScript tags?
• Thread view: XSS: Ways to disguise JavaScript tags?

[Reply to this message]