Together with the server-side stripslash() php function this call slips through the IE8 XSS filters because it strips the slashes server side and such evades IE8 detection when the HTTP request is being sent by IE8:
See: http://www.0x000000.com/?i=634
No comments:
Post a Comment