SameShirtEveryDay.com

Personal blog of the one called Alex Gorbatchev, from Toronto, Canada.

JavaScript CSS exploit in Internet Explorer

Posted on May 15th, 2007 by Alex Gorbatchev. In JavaScript, Rails. No comments yet...

This issue allows an attacker to insert inject random JavaScript code which could potentialy be very harmful. It’s the same exploit that was used by the MySpace Worm. If you are using sanitize(), this is something to be aware of.

sanitize("<div style=\"width: expression(alert('gotcha'))\">pure innocence</div>")

Causes an infinite loop alert box in IE 7. Currently applies to Ruby on Rails 1.2.2.

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

No comments yet, be the first one!

Leave a Reply

Allowed tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> , rel="nofollow" in use - no link dropping, no keywords or domains as names; do not spam, and do not advertise!

« Morning Brew #1
Morning Brew #2 »
home
Subscribe to this blog Follow me on Twitter My bookmarks on Delicious My photography on Flickr