Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A for any cross site scripting information. Feel free to ask away. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
XSS in hidden Field
Posted by: kamal
Date: February 26, 2013 01:48PM

Hi,

is it possible to have an exploit here?

<input type="hidden" value="INPUT" name="test">

INPUT is user input
<,>,(,) are encoded

I know we can exploit using style tag.. but the problem is I can't use (,) symbols... so is there anyway to bypass it.

regards

Options: ReplyQuote


Sorry, only registered users may post in this forum.