Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A for any cross site scripting information. Feel free to ask away. 

Current Page: 1 of 1
Results 1 - 3 of 3
4 years ago
ganger
Let's assume that i found a vulnerability that allow an attacker to execute arbitrary javascript code in the local security zone of a web browser. If this vulnerability was found inside Internet Explorer i can use Activex/vbscript to obtain code execution/download arbitrary files. But what i can do if this kind of vulnerability is found in a browser like Mozilla Firefox/Google Chrome/Safari/Opera?
Forum: XSS Info
4 years ago
ganger
mmm... but my question was another one: i linked the pdf vulnerability just as an example.
Forum: XSS Info
4 years ago
ganger
Hi, i was reading around the web about vulnerabilities like the Universal PDF XSS (linked below) http://www.gnucitizen.org/blog/universal-pdf-xss-after-party/ and i was thinking how to use this kind of vuln (where an attacker is able to execute arbitrary javascript code in a security zone different from the internet security zone) to do more. I already know that with a simple XMLHttpReq
Forum: XSS Info
Current Page: 1 of 1