Home page logo

bugtraq logo Bugtraq mailing list archives

Re: SECURITY.NNOV: ikonboard 3.1.1 CSS
From: "Rajkumar S." <listuser () myrealbox com>
Date: Fri, 4 Oct 2002 23:59:09 +0530 (IST)

On Fri, 4 Oct 2002, 3APA3A wrote:

  The only change in Ikonboard 3.1.1 (at least on sending private
  messages)  is  it  checks  URL  extension  to  be  .gif  or  .jpg,  so
  [IMG]javascript:alert(document.cookie).gif[/IMG]      still      works

Not working for me, IconBoard 3.1.1

Error message is
Sorry, dynamic pages in the [IMG] tags are not allowed


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]