Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A for any cross site scripting information. Feel free to ask away. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
dom xss is possible ?
Posted by: mghack
Date: July 24, 2014 06:04AM

dom xss is possible in ie browsers in code ?
<html>
<head>
<script language="JavaScript">
function onLoad() {
parent.setTimeout("zk.bmk.onIframeLoaded('"+window.location+"')",0);
}
</script>
</head>
<body onload="onLoad()">
</body>
</html>

is located in http://grepcode.com/file/repo1.maven.org/maven2/org.zkoss.zk/zk/6.5.1.1/web/js/zk/bookmark.html


in ie8 browser injection in url ');// error message zk undefined, bmk null or undefined.
How is reproduce injection dom xss ?



Edited 1 time(s). Last edit at 07/24/2014 06:04AM by mghack.

Options: ReplyQuote


Sorry, only registered users may post in this forum.