Sep 21 2010

Confirmed Twitter XSS Vulnerability

Just to confirm, my picture post guessing at a potential XSS vulnerability from over 3 hours ago proved itself to be exactly that. The vulnerability is caused by URLs not being cleaned/escaped properly. By adding JavaScript to the end of a URL, you can effectively execute whatever you like as long as it’s within 140 … read more »

Jan 21 2009

XSS Prevention Cheat Sheet

Those of you interested in coding and programming — specifically those of you who are dabbling with releasing your own scripts — are probably already aware of my lengthy rambles on sanitising input data, not trusting anything, etc etc. However, where I leave you to discover the nuances of individual language security on your own, … read more »