XSS via Host header - www.google.com/cse
A few months ago I found a really fine XSS in Google's Custom Search Engine. The trick I needed to use doesn't seem to be broadly known and that's a pity as it sometimes might allow to make unexploitable exploitable. So here it is: XSS via Host header - Internet Explorer only. The trick was discovered by Sergey Bobrov (@Black2Fan) two years ago and still hasn't been fixed in IE11. Details of the b
Exploits Database by Offensive Security
The Exploit Database is maintained by OffSec, an information security training company that provides various Information Security Certifications as well as high end penetration testing services. The Exploit Database is a non-profit project that is provided as a public service by OffSec. The Exploit Database is a CVE compliant archive of public exploits and corresponding vulnerable software, develo
1
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
処理を実行中です
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
