Explore the community Forums Social Lounge HTML, javascript alert security issue

Tagged: ,

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #409828 Score: 0
    Profile photo of Toni Brown
    Toni Brown
    Member
    beginner
    intermediate
    curious george
    wise owl
    friend finder
    @tbrown1635

    I am experiencing this error when I load my HTML version of my courses to the server, can anyone provide some guidance?

    <span style=”color: black; font-family: ‘CourierNewPSMT’,serif; font-size: 7.5pt;”>GET /nhsntraining/courses/2018/2018%20HTML/C27OPCSDOM/index.html? </span><b><span style=”color: red; font-family: ‘CourierNewPS-BoldMT’,serif; font-size: 7.5pt;”>jmptopg=javascript%3Aalert%2822%</span></b>

    <span style=”color: black; font-family: ‘Calibri’,sans-serif;”> <span style=”color: black; font-family: ‘CourierNewPSMT’,serif; font-size: 7.5pt;”><body><div style=”visibility: hidden; display: none; position: absolute; overflow:</span></span>

    <span style=”color: black; font-family: ‘CourierNewPSMT’,serif; font-size: 7.5pt;”>hidden;”><iframe id=”ifr_ </span><b><span style=”color: black; font-family: ‘CourierNewPS-BoldMT’,serif; font-size: 7.5pt;”>javascript:alert(22) </span></b><span style=”color: black; font-family: ‘CourierNewPSMT’,serif; font-size: 7.5pt;”>” name=”</span><span style=”color: red; font-family: ‘CourierNewPSMT’,serif; font-size: 7.5pt;”>ifr_javascript:alert(22)” </span><span style=”color: black; font-family: ‘CourierNewPSMT’,serif; font-size: 7.5pt;”>scrolling=”no”</span>

    <span style=”color: black; font-family: ‘CourierNewPSMT’,serif; font-size: 7.5pt;”>src=”javascript:alert(22)” style=”width: 100%; height: 100%; border: 0px; overflow: hidden;</span>

    <span style=”color: black; font-family: ‘CourierNewPSMT’,serif; font-size: 7.5pt;”>visibility: hidden; left: 0px; top: 0px;”></iframe></div></span>

    <span style=”color: black; font-family: ‘CourierNewPSMT’,serif; font-size: 7.5pt;”><div id=”pgBkAudio” class=”pgBkAudio” style=”visibility: hidden</span>

    <span style=”color: black; font-family: ‘Calibri’,sans-serif;”> </span>

    <span style=”color: black; font-family: ‘ArialMT’,serif; font-size: 7.5pt;”>Parameter: jmptopg</span>

    <span style=”color: black; font-family: ‘ArialMT’,serif; font-size: 7.5pt;”>Risk(s): It may be possible to steal or manipulate customer session and cookies, which might be used to impersonate a legitimate</span>

    <span style=”color: black; font-family: ‘ArialMT’,serif; font-size: 7.5pt;”>user, allowing the hacker to view or alter user records, and to</span>

     

    #409836 Score: 0
    Profile photo of Toni Brown
    Toni Brown
    Member
    beginner
    intermediate
    curious george
    wise owl
    friend finder
    @tbrown1635

    let me try this again.

     

    jmptopg=javascript%3Aalert%2822%

     

    <body><div style=”visibility: hidden; display: none; position: absolute; overflow:

    hidden;”><iframe id=”ifr_ javascript:alert(22) ” name=”ifr_javascript:alert(22)” scrolling=”no”

    src=”javascript:alert(22)” style=”width: 100%; height: 100%; border: 0px; overflow: hidden;

    visibility: hidden; left: 0px; top: 0px;”></iframe></div>

    <div id=”pgBkAudio” class=”pgBkAudio” style=”visibility: hidden

     

    Parameter: jmptopg

    Risk(s): It may be possible to steal or manipulate customer session and cookies, which might be used to impersonate a legitimate

    user, allowing the hacker to view or alter user records, and to

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.