|XSS Attack On Nairaland by Superstar007(m): 4:50pm On Apr 14, 2015|
The second page of the post "Ngozi Okonjo-Iweala Captured With APC Leaders At The Airport" keeps redirecting to a link that requires one to input their username and password. The link to the page is
Attached below is a screenshot of this attack.
Seun, please take note.
|Re: XSS Attack On Nairaland by Enegod(m): 5:13pm On Apr 14, 2015|
This is serious!
|Re: XSS Attack On Nairaland by 100ksalescom(m): 5:35pm On Apr 14, 2015|
You people have annoyed the guy.
See what he said in the pic I attached and underlined in red.
Nigerians can really talk, though...
But on a serious note, I think if Seun adds some request filtering to his web config it would solve the issue.
That way you sanitize what's going into the system first.
Other webmasters, please feel free to contribute.
Or is it only WordPress and Blogger that you know how to install?
|Re: XSS Attack On Nairaland by Grime: 7:25pm On Apr 14, 2015|
It's a small thing.
What the admin has been doing is deleting the offending post, banning the poster, and then censoring the offending URL (usually from free hosts).
But I wonder if this is sustainable since the culprit can always create a new account, make new posts, and find another free host.
So, in summary, there is no intrusion to the server whatsoever, it's all happening at the front end. This type of XSS attack is like the "I am being a nuisance" type.
The culprit will get tired sooner or later.
...But while we wait for the attacker to get tired, we must consider that this website has big advertisers. If they lose their account to some kid in Yaba, trust for NL will take a hit.
There is only one way to solve this problem once and for all, and I am surprised it hasn't been implemented yet.
|Re: XSS Attack On Nairaland by nnamdiosu(m): 8:39am On Apr 15, 2015|
Wonderful. Bro, you seem a pro in ethical hacking. Can you please mentor me?
|Re: XSS Attack On Nairaland by Hotspotbro(m): 10:54am On Dec 07, 2021|
Nairaland - Copyright © 2005 - 2022 Oluwaseun Osewa. All rights reserved.