Blackboard 7 XSS validation bypass

From ICEnetX Docs

The Blackboard Academic Suite is a software application for institutions dedicated to teaching and learning, which provides various communication services for its users.

Before version 7 was released, Blackboard had many cross-site scripting (XSS) flaws throughout the application. Version 7 now has an XSS validation function implemented in every text input (in the Messages section, the Discussion Board, etc.). This XSS validation can be bypassed; the objective of this paper is to illustrate the bypass technique.

Introduction

Some web browsers (such as Firefox and IE)
