Re: IE allows universal Cross Site Scripting (TL#002)
Hello, This can also be exploited in IE5 and IE5.5 as well as IE6 by using a different resource file. Thor's demonstration is confined to IE6 because the resource he found to be exploitable first appeared in IE6 privacy policy. Proof of concept and HTML version:...