The IE back-button attack
"Swedish security researcher Andreas Sandblad has discovered that the MS Internet Explorer history list allows JavaScript in the URLs. The code will execute in the same zone as the last URL visited. The error page generated by IE functions in the local computer zone. Thus when an error page is generated, JavaScript can be injected in the history and executed by using the back button."

Ingen kommentarer: