Chikwado Posted September 16, 2015 Share Posted September 16, 2015 (edited) Some one help test my bbcode passing function if it is secure enough bbcode faaaaarrrr Not sure [br]if it is secure enough not open for attack. Edited September 25, 2015 by Chikwado Link to comment Share on other sites More sharing options...
justsomeguy Posted September 16, 2015 Share Posted September 16, 2015 There are some XSS attacks you can try here:https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet 1 Link to comment Share on other sites More sharing options...
Chikwado Posted September 18, 2015 Author Share Posted September 18, 2015 (edited) Yes, after input this code: <IMG SRC=javascript:alert("XSS")>The script did not run one way or the other. Am I at the right place? Edited September 18, 2015 by Chikwado Link to comment Share on other sites More sharing options...
justsomeguy Posted September 18, 2015 Share Posted September 18, 2015 If you're creating the img tag yourself, then you should only enter what goes in the src. Between the img tags in your editor you should test things like javascript:alert("XSS") or some of the other options they have for the src. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now