-
```
* FireBreath version: 1.3.0rc3.
* Issue tested with FireFox and Chrome
As posted on the mailing list:
In C++, I have my API class derived from JSAPIAuto and in a method of
this class, I call F…
-
Hi,
It seems I have an issue on IE7 using a dom node context with a html5 tag, if that makes sense...
Note that if I change the tags from "section" to "div", it works.
Articles tags don't work eithe…
-
The editor's source code view allows attacker to bypass the input validation in default view by injecting javascript using IFRAME element.
Proof of Concept:
Injected the the payload into the edit…
-
1. url-rule-set에서 denfender는 파라미터별로 설정할 수 밖에 없나요? url별로 설정할 수는 없나요?
2. lucy-xss-default-sax.xml에 허용하는 attribute들이 정의되어있던데 같은 테그들도 있더라고요. default-sax.xml에는 모든 태그들을 허용한것으로 보면 되나요?
3. 2번이 맞다면 script 태…
-
"/>
"/>
">>>alert(String.fromCharCode(88,83,83))
">
£¢>
">
'">
">
">
'">
">alert(String.fromCharCode(88,83,83))
">
-
- Site: [https://demo.owasp-juice.shop](https://demo.owasp-juice.shop)
**New Alerts**
- **Content Security Policy (CSP) Header Not Set** [10038] total: 3:
- [https://demo.owasp-juice.shop](h…
-
In normal browsers JavaScript URL's containing carriage-returns `�D;` (HTML entity of `\r`) are considered valid. e.g:
`Hello World!`
will produce an alert with the message `1` as expected.
Now i…
-
リダイレクトタイプのsetFlashMessageを使うと、
app/Plugin/NetCommons/View/Elements/common_alert.ctpで
-
```
* FireBreath version: 1.3.0rc3.
* Issue tested with FireFox and Chrome
As posted on the mailing list:
In C++, I have my API class derived from JSAPIAuto and in a method of
this class, I call F…
-
```
I added the following code on my screen. But when I scan a barcode nothing
happens.
$(document).ready(function() {
char0 = new Array("§", "32");
char1 = new Array("…