2005-05-18

PHP_SELF XSS Woes

Sean Coates - XSS Woes:

"What I forgot about, as I suspect some of you have, too (or maybe I'm the only loser who didn't think of this (-; ), is that $_SERVER['PHP_SELF'] can be manipulated by the user."

Wed, 18 May 2005 08:53:52 +0000