XSS CSS INJECTION on IE7 and Firefox

Hi folks, today I wanna present a great work on XSS CSS injection. Following the amazing work of Martin, style=”xx:expression((window.r!=1)? …… , Gareth wrote a more complete example  of injection scenario. Here it is ! That Translated from hexadecimal  becames: It’s still incredible seeing execution of code even if converted into whole entities as htmlspecialchars. […]

Read more "XSS CSS INJECTION on IE7 and Firefox"

Thank You Guys

Hi folks,I’m proud to announce to be one of BlogSecurity Team. Grabbed from the BlogSecurity Site. BlogSecurity is the only organization that deals with social networking and web blog security exclusively. Our goal is to provide you with the security advice, services, tools and critical information that you need to better secure and build your […]

Read more "Thank You Guys"