There are known Style Attribute XSS attacks like:
Or 4条回答 囚心锁ツ (楼主) 2020-12-03 01:44 This does not work due to click-jacking vulnerability. Example: Found at: http://www.bioinformatics.org/phplabware/forum/viewtopic.php?id=164 The code would be perfectly validated but it may cause serious damage. So - rule of thumb use very strict white list or do not allow style attributes. 0 讨论(0) 查看其它4个回答 发布评论: 提交评论 加载中... 验证码 看不清? 提交回复
Or
This does not work due to click-jacking vulnerability.
Example:
Found at: http://www.bioinformatics.org/phplabware/forum/viewtopic.php?id=164
The code would be perfectly validated but it may cause serious damage.
So - rule of thumb use very strict white list or do not allow style attributes.
加载中...