Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Javascript security

Status
Not open for further replies.
robdon

robdon

Programmer
May 21, 2001
252
0
0
ES
Hi,

I have a web site that has a forum on that I have programed in HTML,Javascript and Perl on a Linux Box with Apache.

I allow the users to enter HTML and Javascript tags in the message area.

Could this open some REAL security issues.

I know that there are ways for someone to redirect cookies to another site, but I dont use cookies for any sensative data.

Any other problems anyone can think of?

Thanks for any help,

Rob Donovan
 
Sort by date Sort by votes
There have been recent threads on this subject on bugtraq. I also believe that this was the method used to deface alldas.de recently.
 
Upvote 0 Downvote
Exploits make it possible to enter abitrary code which infact could disrupt some systems by the use of that code into html pages. Java tags alone seems to play little towards disruption, active x would be another story.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

gbayi_omo
  • Locked
  • Question
Cisco ASA 5505 not allowing access to highest security zone
Replies
0
Views
51
gbayi_omo
gbayi_omo
abhi21
  • Locked
  • Question
Interesting article on Cyber Security
Replies
0
Views
33
abhi21
abhi21
SamBones
  • Locked
  • Question
Interesting JavaScript Exploit -- JSF**K
Replies
0
Views
31
SamBones
SamBones
jfp23
  • Locked
  • Question
Site to Site VPN Security
Replies
2
Views
56
PScottC
PScottC
cisco222
  • Locked
  • Question
CCNA security exam
Replies
0
Views
43
cisco222
cisco222

Part and Inventory Search

Sponsor

Back
Top