简体繁体中英

HTML Injection on a web page that does not accept data entry?

原文 2020-07-19 19:06:20 8 1 security/ xss/ html-injections

Can HTML Injection or XSS Injection be done on a web page that does not accept data entry (search, username, password, etc.)?

1 answers

Yes. DOM-Based XSS vulnerability does not need a REST endpoint to even exist. The attack goes directly to the DOM model of the web page. Actually one of the most troublesome versions of XSS out there.

Tomcat Web xml URL-Pattern does not accept urls with parameters?

SQL injection and web log files

HTML page on remote server does not load

my rails 3 app needs to accept html data, and display it but safely! how to minimize security perils?

Where to prevent HTML and script injection?

How does header injection work?

Can SSI Injection or LDAP Injection be logged in web log?

Does this protect against injection attacks?

Why does Amazon Web Services have a lengthy url for login page

How to avoid code injection in web url

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Tomcat Web xml URL-Pattern does not accept urls with parameters? SQL injection and web log files HTML page on remote server does not load my rails 3 app needs to accept html data, and display it but safely! how to minimize security perils? Where to prevent HTML and script injection? How does header injection work? Can SSI Injection or LDAP Injection be logged in web log? Does this protect against injection attacks? Why does Amazon Web Services have a lengthy url for login page How to avoid code injection in web url

Related Tags

HTML Injection on a web page that does not accept data entry?

Question

1 answers

solution1 1 ACCPTED 2020-07-19 20:00:00

solution1
1 ACCPTED 2020-07-19 20:00:00