« DNS poisoning via Port Exhaustion | Main | Through the Looking-Glass »

October 24, 2011

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d835130c5153ef0153928c5a5f970b

Listed below are links to weblogs that reference JSON-based XSS exploitation:

Comments

Nir Goldshlager

Nice work, Big like :).....

Daniel

Hi Adi,

This is a very nice article. I was able to exploit several XSS vulnerability by using the methods that you described here. But I want to know which version of IE9 that you were using to exploit this kind of vulnerability because I was unable to exploit this vulnerability in IE9. You could check the blog at https://community.qualys.com/blogs/securitylabs/2014/09/11/xss-vulnerability-shows-how-security-issues-can-creep-into-popular-software

Thanks
Daniel

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Follow us on Twitter

AppScan Free Trial


Try IBM Security AppScan software at no charge.

Become a Fan