Dashboard Articles Playground Discussions More
Follow

Possible Security Hole

0x29A
7 years ago | edited 7 years ago

1

In Intermediate level 5 (**https://www.hackthis.co.uk/levels/intermediate/5**), an *XSS injection* can be achieved by entering a script into the username field of the level, logging in, then clicking the back arrow to go back to the previous level and then forward again. Somehow the malicious characters aren't filtered a when you refresh the page :D
3replies
3voices
177views
Mugi [Mugiwara27]
7 years ago

0

Hello!

Thanks for the signaling! I’ll take a look at this little bug :p
Have a good day!

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘\’‘ at line 1

0x29A
7 years ago

0

No problem! :)

L00PeR
7 years ago

0

Wow!!
Nice work ;p

 

Human Stupidity , thats why Hackers always win.
? Med Amine Khelifi

You must be logged in to reply to this discussion. Login
1 of 4

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss