There was an interesting vulnerability found in Yahoo! Mail by Cheng Peng Su. It uses a style obfuscation method pulled almost directly from the XSS Cheat sheet. It just goes to show that sometimes the most complex forms of obfuscation really are worth discussing, because XSS filters are often highly flawed.

This entry was posted on Thursday, January 1st, 1970 at 12:00 am and is filed under XSS, Webappsec. You can leave a response as well.