Together with the server-side stripslash() php function this call slips through the IE8 XSS filters because it strips the slashes server side and such evades IE8 detection when the HTTP request is being sent by IE8:
See: http://www.0x000000.com/?i=634
Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails
-
Microsoft Corp. today released software updates to plug four critical
security holes that attackers have been using to plunder email
communications at comp...
10 hours ago
0 comments
Post a Comment