Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
T
T
top132014-03-05 21:29:51
XSS
top13, 2014-03-05 21:29:51

XSS: Is it possible to load something dangerous with an image?

What can be done if it was possible to embed?
style="background: url( http://any domain/1.img)" You
can also send requests style="background: url( http://any domain/1.img?request)"
Referrer the site itself, when requested , passes information along with headers.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
D
DaNHell, 2014-05-19
@DaNHell

There is nowhere
more complete forum.antichat.ru/thread20140.html

Similar questions
N
Nikolai Antonov2017-01-09 20:49:50
Why did the xss attack work in this example? 1Reply
R
redya692015-01-26 23:34:46
Csrf attacks. Anti-csrf token - a panacea? 1Reply
E
entermix2015-02-05 01:33:05
Why does HTMLPurifier work this way? 1Reply
E
entermix2015-04-08 17:39:26
How to set up HTML Purifier correctly? 0Reply
P
PP2015-04-15 07:51:23
Is it enough to use filter_input_array to protect against XSS? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question