[owasp-antisamy] Not Considered as Vulnerable Script

Suhas N Gogate suhas.gogate at arisglobal.co.in
Tue Mar 12 09:10:36 UTC 2013


Hi,

When <p> is given as input parameter , antisamy finds it as XSS script. But when I give <p>/ or <p>& it is not working as intended.

Please suggest on the same.

Thanks and Regards,
Suhas Gogate N
Team Leader

From: Suhas N Gogate
Sent: Monday, March 11, 2013 9:25 PM
To: 'Owasp-antisamy at lists.owasp.org'
Subject: Not Considered as Vulnerable Script

Hi,

When I gave Input as -1%22%2Balert%281214%29%2B%22' it is not considered as XSS Script in antisamy. Please suggest me how to resolve this

Thanks and Regards,
Suhas Gogate N


________________________________


Disclaimer: This transmission, including attachments, is confidential, proprietary, and may be privileged. It is intended solely for the intended recipient. If you are not the intended recipient, you have received this transmission in error and you are hereby advised that any review, disclosure, copying, distribution, or use of this transmission, or any of the information included therein, is unauthorized and strictly prohibited. If you have received this transmission in error, please immediately notify the sender by reply and permanently delete all copies of this transmission and its attachments.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-antisamy/attachments/20130312/5a2fca8d/attachment.html>


More information about the Owasp-antisamy mailing list