[nycphp-talk] phpbb issues (XSS) ...
jon baer
jonbaer at jonbaer.net
Mon Sep 8 12:46:57 EDT 2003
maybe someone else on the list can try this out on their version but i just
noticed all of mine are acceptable to this nasty bit of code using bbcode
for forums:
[url=http://www.test.com"
onmouseover="document.location='http://www.playboy.com'"]this is the
link[/url]
- jon
pgp key: http://www.jonbaer.net/jonbaer.asc
fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47
More information about the talk
mailing list