Simon Willison’s Weblog

Entries tagged javascript in 2004

Filters: Type: entry × Year: 2004 × javascript ×


The Register hit by XSS

Here’s a nasty one: popular tech news site The Register was hit on Saturday by the Bofra exploit, a nasty worm which uses an iframe vulnerability in (you guessed it) Internet Explorer to install nasty things on the victim’s PC. Where it gets interesting is that the attack wasn’t against the Register themselves; it came through their third party ad serving company, Falk AG.

[... 262 words]

Executing JavaScript on page load

Peter-Paul Koch recently wrote:

[... 772 words]