filtered wrote:
On Wed, Mar 11, 2009 at 13:44, Jochem Maas <> wrote:
filtered wrote:

we have a script containing

 <? echo $_GET['studio'] ?>
let's say I do: <script type="text/javascript">alert('I am an evil 

excusing the fact that the query is not urlencoded, what happens on your site
(replace domain and script name to match your site/script)

Ok, but I don't see how this code could be used to attack the local

reflected attack.
Someone puts that as the image source on some website they trick a legitimate user into going to (i.e. click here to see the latest Britney Spears scandal!!!) - their browser tries to load the image, instead calling your page with the XSS attack, thus allowing the cracker to read any cookies the user has from your domain, which can then allow the cracker to impersonate the user via session ID.
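
The echo discussed in this thread, shown beside an output-encoded version and a session cookie that scripts cannot read. This is an added example, not part of any poster's message. The function names and the sample query value are constructed for illustration, and the options-array form of `session_set_cookie_params` assumes PHP 7.3 or later.

```php
<?php
declare(strict_types=1);

// Limits what a successful injection can steal: the session cookie is not
// exposed to document.cookie. This does not remove the XSS itself.
function harden_session_cookie(): void
{
    session_set_cookie_params([
        'httponly' => true,   // not readable from JavaScript
        'secure'   => true,   // only sent over HTTPS
        'samesite' => 'Lax',  // not attached to cross-site subresource requests
    ]);
}

// Vulnerable form from the thread: the parameter reaches the HTML unchanged.
function render_raw(array $query): string
{
    return '<p>Studio: ' . ($query['studio'] ?? '') . '</p>';
}

// Hardened form: encode for the HTML context at the point of output.
function render_escaped(array $query): string
{
    $studio = $query['studio'] ?? '';
    if (!is_string($studio)) {
        // ?studio[]=x arrives as an array; treat it as empty
        $studio = '';
    }
    $safe = htmlspecialchars($studio, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<p>Studio: ' . $safe . '</p>';
}

// Called before any output so the cookie parameters can still be set.
harden_session_cookie();

// Constructed input standing in for $_GET after PHP has URL-decoded the query.
$constructed = ['studio' => "<script>alert('constructed')</script>"];

echo render_raw($constructed), "\n";      // markup is passed through as markup
echo render_escaped($constructed), "\n";  // markup is rendered as inert text
```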

