|
|
|
|
|
|
by technoguyrob
6413 days ago
|
|
|
XSS detection is not just as simple as that. For example, in IE, entering the following produces a pop-up: <table style="background-image:url(javascript:alert(1))"><tr><td>Hi</td></tr></table>
However, read debt's comment below. XSS is irrelevant here since "XSS" means cross-site scripting, i.e., ,managing to embed Javascript into pages someone ELSE sees. Only the client sees this, it doesn't get reproduced for anyone else. |
|
|