Together with the server-side stripslash() php function this call slips through the IE8 XSS filters because it strips the slashes server side and such evades IE8 detection when the HTTP request is being sent by IE8:
See: http://www.0x000000.com/?i=634
Crooks Bypassed Google’s Email Verification to Create Workspace Accounts,
Access 3rd-Party Services
-
Google says it recently fixed an authentication weakness that allowed
crooks to circumvent email verification needed to create a Google Workspace
account, ...
9 hours ago
0 comments
Post a Comment