AV Arcade BugFix – XSS Exploit
Jan 06The Problem: EDITED::… This was originally reported as link spam, but could easily be a lot worse. When registering, the user name field is open to possible attack. Code will be processed on the members page. The code can be overflown to the homepage fairly easily. XSS can be used. I would now consider this as a serious exploit. I would suggest fixing this bug A.S.A.P The Fix: Backup then...
XSS and web form security
Nov 13There are many instances when user input is needed. But allowing just any code to be passed can cause severe problems and lead to even the most annoying 10 year old script kiddie writing “PWND” all over website! There a are some simple steps which you can take to prevent most of these. This article will go over some of the fundamental XSS attacks and how to stop them. As of 2007,...