In my web application, after login, the code below (<div><a href="http://www.stqc.gov.in"></a>xss link</div>) is included in <body> by using the "Paros Proxy" tool. The link then overlaps the site, and if I click the link I am completely redirected away from my site. How can I avoid such things?

<div style="position:fixed; right:450px; bottom:250px; overflow:visible;" id="clippy">
<table valign="top" width="130" height="209" border="0" background="http://www.stqc.gov.in/sites/all/themes/stqc/images/stqc.png" cellpadding="10">
<br><br><tr><td valign="bottom"><h1><u>Hello, it looks like you have an XSS vulnerability, would you like</u></h1>
<a href="http://www.stqc.gov.in/">some help fixing that</br></a></td></tr>
</table></div>
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)