Print Page | Close Window

Vulnerable to script injection? Printed From: Web Wiz Forums Category: Web Wiz Web App Support Forums Forum Name: Web Wiz Rich Text Editor (RTE) Forum Description: Support forum for the Web Wiz Rich Text Editor (RTE). URL: https://forums.webwiz.net/forum_posts.asp?TID=22597 Printed Date: 28 March 2026 at 11:07pm Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com Topic: Vulnerable to script injection? Posted By: astralis Subject: Vulnerable to script injection? Date Posted: 03 February 2007 at 9:48pm Is this RTE vulnerable to the following hack? http://ha.ckers.org/blog/20060621/us-ascii-xss-part-2/ - Malformed ASCII Characters Replies: Posted By: WebWiz-Bruce Date Posted: 05 February 2007 at 8:58am This question is only viable if the RTE processed your data, which it doesn't as we do not know how the end user wants to process the data they take from their web forms. The RTE is like a blank canvas you simply apply it to your sites own existing web forms. How you process and filter the data from your sites web forms once it is submitted is completely up to you, the RTE doesn't handle this side of things as what you do with the data from your forms could be anything, as you may want the data for emails, databases, etc. As you apply the RTE to an already existing form on your site then you should already have measures in place that filter this type of thing. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting Posted By: WebWiz-Bruce Date Posted: 05 February 2007 at 9:13am Looking more into the XSS you mention encase we need to strengthen up our own web form processing it looks like this hack will only work on Tom Cat web servers. As the Web Wiz RTE will not run on Tom Cat this shouldn't be an issue. ------------- https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting

Print Page | Close Window Forum Software by Web Wiz Forums® version 12.08 - https://www.webwizforums.com Copyright ©2001-2026 Web Wiz Ltd. - https://www.webwiz.net