Some websites validate some inputs but miss others, assuming that users will not pass anything strange there.
The French OS Con website is an example of that XSS security risk.
If you go to this page:
You will see there is a link to go back to the previous post. Unfortunately, this post's id is taken straight from the requested URL (GET parameter) without any cast or validation. It is a common case of XSS errors where a page number, date or id is passed around in links and it is n...
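The pattern described above, as an added example that is not code from the site or from the original post: a handler that echoes the `id` query parameter into the link, next to a version that casts it to an integer and escapes the output. The `/post` route, the function names and the sample URLs are assumptions constructed for illustration.

```python
import html
from urllib.parse import urlsplit, parse_qs

# Constructed sample requests (not taken from the real site).
BENIGN = "https://example.test/post?id=42"
HOSTILE = "https://example.test/post?id=42%22%3E%3Cscript%3Ealert(1)%3C/script%3E"


def post_id_from_url(url):
    """Return the decoded 'id' query parameter exactly as the client sent it."""
    return parse_qs(urlsplit(url).query).get("id", [""])[0]


def link_vulnerable(url):
    # The flawed pattern: the id is concatenated into the markup
    # with no cast, no validation and no output escaping.
    return '<a href="/post?id=' + post_id_from_url(url) + '">Previous post</a>'


def parse_post_id(raw, max_digits=10):
    """Accept only a short run of ASCII digits; reject everything else."""
    if raw.isascii() and raw.isdigit() and len(raw) <= max_digits:
        return int(raw)
    return None


def link_hardened(url):
    post_id = parse_post_id(post_id_from_url(url))
    if post_id is None:
        return ""  # invalid id: render no link instead of echoing input
    # The value is now an int, but the attribute is still escaped so the
    # template stays safe if the URL format changes later.
    href = html.escape("/post?id=%d" % post_id, quote=True)
    return '<a href="%s">Previous post</a>' % href


if __name__ == "__main__":
    for url in (BENIGN, HOSTILE):
        print("vulnerable:", link_vulnerable(url))
        print("hardened:  ", link_hardened(url) or "(no link rendered)")
```
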