SecuriTeam Blogs » XSS Fragmentation Attacks

セキュリティ
Javascriptをフィルターしていないようなサイトで、フラグメントしたJavascriptXSSが発生するそうです。

A newly released paper shows how a fragmentation attack can be used to cause web site that don’t filter out content too strictly to include arbitrary javascript which in turn can be used to cause a cross site scripting vulnerability. One such web site is of course MySpace.com.