Yes a XSS post again. I’m sorry 🙂 I’ve been having fun testing some really good filters (some of the best in the business IMO). I found a vector that isn’t on rsnake’s cheat sheet. Check it out:- Only works on IE <isindex type=image src=1 onerror=alert(1)> Because IE treats the isindex element (a very old […]