Monday, October 09, 2006

Another xss

A XSS on lycos, the point to point out is not because this is a big site, but it display my " when"
I am wondering whether this is fuzzable, seems kinda hard coz " is a valid html code...
Anyway, interesting to know xss could also happened on a regular url (not parameter)

Updated: This xss already expired, but it still serves as a pretty good lesson for developers

No comments: