5
tass
7y

A team blacklisted a series of words in order to prevent XSS. Obviously they failed terribly. Like they filtered 'alert(' and crap like that. Like a hacker is going to alert stuff using xss. I opened a bug to their team.

Comments
  • 1
    Wait... they filtered JS for some words? They do know that you can program all JS with just 6 characters?
Add Comment