Like the diminutive code contests, often you have to fit the vector in a very small space to be validated. Sometimes this can be overcome and sometimes it can’t, but this link was a pretty good example of where he was able to get around it. There are other ways, sure, but this is a real world example which is kinda fun.

This entry was posted on Thursday, January 1st, 1970 at 12:00 am and is filed under XSS, Webappsec. You can leave a response as well.