« DNS poisoning via Port Exhaustion | Main | Through the Looking-Glass »

October 24, 2011


TrackBack URL for this entry:

Listed below are links to weblogs that reference JSON-based XSS exploitation:


Nir Goldshlager

Nice work, Big like :).....


Hi Adi,

This is a very nice article. I was able to exploit several XSS vulnerability by using the methods that you described here. But I want to know which version of IE9 that you were using to exploit this kind of vulnerability because I was unable to exploit this vulnerability in IE9. You could check the blog at https://community.qualys.com/blogs/securitylabs/2014/09/11/xss-vulnerability-shows-how-security-issues-can-creep-into-popular-software


Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Follow us on Twitter

AppScan Free Trial

Try IBM Security AppScan software at no charge.

Become a Fan