top | item 37608642 (no title) sys42590 | 2 years ago If you can sneak a <blink> tag into the ticket system, you likely can sneak a in <script> or <iframe> tag as well... I'm sure input sanitization was already a thing preached back then but ignored by many web developers... discuss order hn newest ggambetta|2 years ago My interpretation is that the frontend added the <blink> tag when rendering a critical-priority ticket, no injection needed. db48x|2 years ago No, it was 20 years ago. A lot of projects were really blaseĢ about html injection back then.
ggambetta|2 years ago My interpretation is that the frontend added the <blink> tag when rendering a critical-priority ticket, no injection needed. db48x|2 years ago No, it was 20 years ago. A lot of projects were really blaseĢ about html injection back then.
db48x|2 years ago No, it was 20 years ago. A lot of projects were really blaseĢ about html injection back then.
ggambetta|2 years ago
db48x|2 years ago