Paid Advertising is
ha.ckers sla.cking
Q and A for any cross site scripting information. Feel free to ask away. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
XSS in hidden Field
Posted by: kamal
Date: February 26, 2013 01:48PM


is it possible to have an exploit here?

<input type="hidden" value="INPUT" name="test">

INPUT is user input
<,>,(,) are encoded

I know we can exploit using style tag.. but the problem is I can't use (,) symbols... so is there anyway to bypass it.


Options: ReplyQuote

Sorry, only registered users may post in this forum.