Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Firefox cross-site scripting issue
#11
After blocking the above issue I had another finding and decided to block the <xss tag with

if (ContainsText(AParam, '<xss')) then
AllowIt := False;

Doing this stops the following:

https://somesite.com/providers/IsProvide...c%2fxss%3e

I guess it should be added to the list of things to block by default so I am posting it here?
Reply


Messages In This Thread
Firefox cross-site scripting issue - by joelcc - 10-05-2020, 07:41 PM
RE: Firefox cross-site scripting issue - by kudzu - 10-14-2020, 04:44 PM
RE: Firefox cross-site scripting issue - by zsleo - 10-14-2020, 07:00 PM
RE: Firefox cross-site scripting issue - by joelcc - 10-27-2020, 04:24 PM

Forum Jump:


Users browsing this thread: 1 Guest(s)