This is what
my week was like:
I finaly got
to use <% in a XSS. Tested an EPiServer CMS 4 and with IE the following XSS
worked in the search field: <%x
onMouseOver='javascript:alert(1)'>A<%/x>
Needs some
trimming as its just an OnMouseOver.
When
spidering a site anything under 10.000 pages is OK.
When my
spider passed 70.000 the other day I hade to stop it. That’s not OK, its just
evil.
You heard me
SharePoint.
2 interesting
reeding for those who missed:
Inga kommentarer:
Skicka en kommentar