Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming XSS attack from Exceptions Lib?
XSS attack from Exceptions Lib?
  • El Forum
    Guest
  •  
#5
07-21-2008, 08:13 AM

[eluser]Xeoncross[/eluser]
[quote author="inparo" date="1216666706"]the URI class... will error if you have illegal characters in your url[/quote]

Perfect! Just what I needed to know.
However, I still think that this is a venerability.

[quote author="inparo" date="1216666706"]
$page is never displayed to the user, it's only written to a log file.[/quote]

What if the log is read by a PHP script that outputs the last 10 errors? What if the log is emailed to a user?

XSS attack time. :coolgrin:


Messages In This Thread
XSS attack from Exceptions Lib? - by El Forum - 07-19-2008, 09:35 PM
XSS attack from Exceptions Lib? - by El Forum - 07-21-2008, 07:50 AM
XSS attack from Exceptions Lib? - by El Forum - 07-21-2008, 07:56 AM
XSS attack from Exceptions Lib? - by El Forum - 07-21-2008, 07:58 AM
XSS attack from Exceptions Lib? - by El Forum - 07-21-2008, 08:13 AM
XSS attack from Exceptions Lib? - by El Forum - 07-21-2008, 09:02 AM



Theme © iAndrew 2016 - Forum software by © MyBB