danpman
asked on
Question about XCSS scripting attacks
I recently installed a patch at a client site that is supposed to prevent XCSS attacks.
I was able to embed HTML into a web form and have it saved to my customer profile. Is HTML in a form field considered a cross-site script attack? Or is it something more? What tools should I obtain to test the patch to make sure ?
Thanks,
-Dan
I was able to embed HTML into a web form and have it saved to my customer profile. Is HTML in a form field considered a cross-site script attack? Or is it something more? What tools should I obtain to test the patch to make sure ?
Thanks,
-Dan
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Assigned points. Question was answered.