[Owasp-delhi] Regarding Reflected XSS Issue
s.parmendra at gmail.com
Fri May 29 12:23:22 EDT 2009
Kindly elaborate how can you be sure that a parameter "txtsearch" within the
belowmentioned URL is free from Reflected XSS issue.
-> After sending the above request what is to be seen in the source of
the resopnse if the application is performing the Output Escaping.
-> How do you check that the Output Escaping done by the application is
proper and up to the mark and will not allow any XSS issue.
I mean how do conclude that there is no XSS as entering some varients of
scripts will work and some of them does not work.
Thanks and Regards:
Computer Security Analyst
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-delhi