I’ve known about this technique for years, but not everyone might be aware that Flash can be used for XSS, so I’ve decided to do a quick post to explain. Using getURL in Flash allows you to call JavaScript using the javascript: protocol, and using the parameter allowScriptAccess enables you to perform cross-domain execution. [...]
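A defensive check for the allowScriptAccess setting described above, as an added example that is not from the original post: it audits a page's object/embed markup and flags Flash movies that are granted script access to the embedding page. The host names and sample markup are constructed, and the verdict labels are this example's own.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

class FlashEmbedAudit(HTMLParser):
    """Record (swf_url, allowScriptAccess mode, verdict) per <object>/<embed>."""
    def __init__(self, page_host):
        super().__init__()
        self.page_host, self.findings, self._obj = page_host, [], None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}  # HTMLParser lowercases names
        if tag == "object":
            self._obj = {"src": a.get("data", ""), "mode": None}
        elif tag == "param" and self._obj is not None:
            name = a.get("name", "").lower()
            if name == "movie":
                self._obj["src"] = a.get("value", "")
            elif name == "allowscriptaccess":
                self._obj["mode"] = a.get("value", "")
        elif tag == "embed":
            self._record(a.get("src", ""), a.get("allowscriptaccess"))

    def handle_endtag(self, tag):
        if tag == "object" and self._obj is not None:
            self._record(self._obj["src"], self._obj["mode"])
            self._obj = None

    def _record(self, src, mode):
        mode = (mode or "sameDomain").lower()  # Flash's default when unset
        host = urlparse(src).hostname          # None for relative URLs
        cross = host is not None and host != self.page_host
        if mode == "never" or (mode == "samedomain" and cross):
            verdict = "ok"        # movie cannot script the page
        elif mode == "always" and cross:
            verdict = "high"      # third-party SWF may run script in this page
        else:
            verdict = "review"    # same-origin SWF may script; check who can upload it
        self.findings.append((src, mode, verdict))

def audit(html, page_host):
    parser = FlashEmbedAudit(page_host)
    parser.feed(html)
    return parser.findings

# Constructed sample markup for a page served from www.example.com.
SAMPLE = """
<embed src="https://ads.example.net/banner.swf" allowScriptAccess="always">
<object data="/static/player.swf"><param name="allowScriptAccess" value="never"></object>
<object><param name="movie" value="//widgets.example.org/w.swf"></object>
"""
```

Calling audit(SAMPLE, "www.example.com") returns one tuple per movie; setting allowScriptAccess to "never" on any embed of untrusted content is the mitigation the "ok" verdict reflects.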