XSS help

Re: XSS help

SW — Thu, 07 Apr 2011 00:38:02 -0500

What happened to that nice google docs page of up to date xss vectors? :P

Re: XSS help

The-Wildcat — Sun, 03 Apr 2011 09:07:52 -0500

hm, it's also exploitable in FF3 but only with a click on the pager.

In FF4, is it exploitable without user interaction? If so, how?^^

Re: XSS help

PaPPy — Sun, 03 Apr 2011 09:05:08 -0500

i dunno just submit it to xssed.com
before mcafee comes across this page

Re: XSS help

Anonymous User — Sat, 02 Apr 2011 17:47:05 -0500

I almost disclosed too much, let's see if SW and PaPPy can figure it out :P

Re: XSS help

tr3w — Sat, 02 Apr 2011 16:56:58 -0500

Done. It was fun :) FF4 and GC killed a lot of blacklist filters :O

Re: XSS help

Gareth Heyes — Sat, 02 Apr 2011 12:41:02 -0500

Yeah me too :)

Re: XSS help

Anonymous User — Sat, 02 Apr 2011 10:22:33 -0500

Yep. in this particular situation on FF4 and Webkit (SF5, GC10) you can.

Re: XSS help

SW — Sat, 02 Apr 2011 00:07:02 -0500

Can you can execute javascript without any = or ()?

XSS help

PaPPy — Fri, 01 Apr 2011 18:31:04 -0500

I will let someone else take a crack at it
http://www.mcafee.com/us/events/index.aspx?pg=1&sz=30&tf=14800&et=0&dt=201106&srt=d&sd=0®ion=test%22%3E&contentype=%22%3Etest