Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A for any cross site scripting information. Feel free to ask away. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Close quoted attribute with anything except quote
Posted by: Albino
Date: September 20, 2012 01:09PM

<input value="[yourinput]"/>

The input is filtered for " and nothing else. < and > are perfectly allowed. I feel that this must be exploitable in some browsers but I don't see how. Any ideas?

-------------------------------------------------------
Research blog



Edited 1 time(s). Last edit at 09/20/2012 01:13PM by Albino.

Options: ReplyQuote
Re: Close quoted attribute with anything except quote
Posted by: cr101
Date: September 24, 2012 12:46PM

Filtered as in removed or as in it doesn't complete the request at all?

Also, what happens if the last character in your input is a '\'? Does it escape the end quote?

Options: ReplyQuote
Re: Close quoted attribute with anything except quote
Posted by: Albino
Date: September 25, 2012 02:26AM

Filtered as in removed, although in this case it doesn't make any difference. \ isn't an escape character in HTML attributes.

-------------------------------------------------------
Research blog

Options: ReplyQuote


Sorry, only registered users may post in this forum.