Article: Bypassing JavaScript Filters

Article: Bypassing JavaScript Filters – the Flash! Attack

Quote:

Source: EyeonSecurity

last updated: 05.June.2002 - Obscure

Article/Whitepaper: Bypassing JavaScript Filters - the Flash! Attack

"In this document we will be describing a loophole, with security implications, found in many websites that allow Flash documents to be inserted within HTML, or uploaded to the server. This paper relies on the fact that a huge number of web surfers have installed Macromedia Flash plugin/ActiveX control, for an attacker to launch a Cross-site scripting attack. We will not go into a lot of detail in describing Cross-site scripting attacks in general; However we hope that this paper will explain how Flash documents can be used to inject JavaScript into otherwise well filtered Web Applications."

hmm ok.. so where is this document? i wanna read it.

Follow the link above --> Article/Whitepaper: Bypassing JavaScript Filters - the Flash! Attack :).