Input formats - the quickest way to make your site insecure
In a desperate attempt to balance my karma at the end of the year, a small public service post about the most popular way to make your site insecure. This is aimed at website administrators and...
View ArticleUsing for XSS
I see a lot less stray <script> tags in the "Allowed HTML tags:" of the HTML filter these days. The <embed> tag is something I still see a lot in misconfigured formats.It's rather easy to...
View Article
More Pages to Explore .....