This site uses cookies to improve your experience. By viewing our content, you are accepting the use of cookies. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country we will assume you are from the United States. View our privacy policy and terms of use.

Remove tag myspace
Remove Definition Remove Events Related Topics
Computer and Electronics Healthcare Education Financial Services Insurance Government Energy and Utilities Military Manufacturing Libraries More Related Topics >
article thumbnail

Cross-domain leaks of site logins

Scary Beasts Security

AUGUST 30, 2008

It proceeds by abusing a generic browser cross-domain leak of whether an image exists or not -- via the onload vs. onerror javascript events. The tag permits us to load CSS resource from arbitrary domains. In addition, remember that browsers will happily pluck inline style definitions out of HTML.

Authentication 20
Authentication IT 20
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 

Stay Connected

Join 55,000+ Insiders by signing up for our newsletter

About
Webinars
Awards
About
Editions
Webinars
Awards
Editions
Topics
Twitter
Powered by Aggregage | Terms and Conditions | Your California Rights and Privacy Policy
© Aggregage 2024