CSS is amphetamine for your XSS Injection
By Romain Friday, February 23 2007 - 08:10 UTC - Vulnerabilities - Permalink
Yesterday, on the #webappsec channel, heanol asked how to do an XSS injection in an anchor tag <a> without the style="expression(..)" referenced by RSnake in the XSS Cheat Sheet.
I then suggested that he use the JavaScript event attribute onmouseover=""... Thinking about it, that's not really good, because the victim has to put his mouse over the link, which can be very small, etc.
My idea then is to use CSS to make this link take up the whole page: this is pretty basic but powerful!
<a href="the link" onmouseover="alert('XSS');"
style="position:absolute;top:0px;width:100000px;height:1000px;z-index:99999;" >Link</a>
I'll try to post some other interesting CSS-based XSS injections...
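On the filtering side, the markup above shows why user-supplied links need an attribute allowlist rather than a blocklist of known-bad strings: both the event handler and the style attribute have to go. The following is an added example, not code from the original post; the policy (only href and title on <a>, a small set of URL schemes) and all names in it are assumptions chosen for illustration.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed policy: user-supplied links may carry only these attributes.
ALLOWED_ATTRS = {"a": {"href", "title"}}
SAFE_SCHEMES = {"", "http", "https", "mailto"}

def safe_href(value):
    """True when the URL is relative or uses an allowlisted scheme."""
    try:
        return urlsplit(value.strip()).scheme.lower() in SAFE_SCHEMES
    except ValueError:
        return False

class AnchorSanitizer(HTMLParser):
    """Rebuilds markup from allowlisted tags/attributes and records what was dropped."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.dropped = [], []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_ATTRS:
            self.dropped.append((tag, None))
            return
        kept = []
        for name, value in attrs:
            value = value or ""
            # on* handlers and style are never allowlisted, so both are removed here.
            if name not in ALLOWED_ATTRS[tag] or (name == "href" and not safe_href(value)):
                self.dropped.append((tag, name))
            else:
                kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in ALLOWED_ATTRS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(escape(data))

def sanitize(fragment):
    """Return (clean_markup, dropped) for an untrusted HTML fragment."""
    parser = AnchorSanitizer()
    parser.feed(fragment)
    parser.close()
    return "".join(parser.out), parser.dropped

# The anchor from the post, used as sample input.
SAMPLE = ('<a href="the link" onmouseover="alert(\'XSS\');" style="position:absolute;'
          'top:0px;width:100000px;height:1000px;z-index:99999;" >Link</a>')
```

The dropped list is worth logging: an on* or style attribute arriving in a field that should hold a plain link is a useful signal of an injection attempt.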