[nycphp-talk] phpbb issues (XSS) ...
Jeff
jsiegel1 at optonline.net
Tue Sep 9 15:50:02 EDT 2003
Is that exactly what was entered? I can't reproduce it on ver. 2.0.4.
Jeff Siegel
-----Original Message-----
From: talk-bounces at lists.nyphp.org [mailto:talk-bounces at lists.nyphp.org]
On Behalf Of jon baer
Sent: Monday, September 08, 2003 11:47 AM
To: talk at lists.nyphp.org
Subject: [nycphp-talk] phpbb issues (XSS) ...
maybe someone else on the list can try this out on their version but i
just
noticed all of mine are acceptable to this nasty bit of code using
bbcode
for forums:
[url=http://www.test.com"
onmouseover="document.location='http://www.playboy.com'"]this is the
link[/url]
- jon
pgp key: http://www.jonbaer.net/jonbaer.asc
fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47
_______________________________________________
talk mailing list
talk at lists.nyphp.org
http://lists.nyphp.org/mailman/listinfo/talk
More information about the talk
mailing list