XSS vulnerability

Forum|Forum|17 years ago
August 26, 2008
2 replies
415 views

I able to embed following text successfully even applying scriptProtect=all.

>"'><img%20src%3D%26%23x6a;%26%23x61;%26%23x76;%26%23x61;%26%23x73;%26%23x63;%26%23x72;%26%23x69;%26%23x70;%26%23x74;%26%23x3a;alert(392271)>

Anybody have any cfm script to strip out above character, I have scipt which remove <script> tag but could not detect above tag.

Any help will appreciable

thanks
amar Piwar

Advanced techniques

This topic has been closed for replies.

D

Dan_Bracuk

Inspiring

try safetext() at cflib.org.

it may work, it may not.

A

Anonymous

Try this code out

T

thepolarexpressAuthor

Known Participant

>"><%00script>alert(85472)</script>

How I can detect above string in user input. The code given provided in last reply works well wither other vlunarabilities but not with >"><%00script>alert(85472)</script>

Your help needed. Thanks in advance

~~~ Thanks
the polar express

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded