2005-05-18

Permanent link PHP_SELF XSS Woes

Sean Coates - XSS Woes:

"What I forgot about, as I suspect some of you have, too (or maybe I'm the only loser who didn't think of this (-; ), is that $_SERVER['PHP_SELF'] can be manipulated by the user."

Filed under: Wed, 18 May 2005 10:53:52 +0200 [Edit]