[WEB SECURITY] ASP.NET Request Validator Bypass?
ryandewhurst at gmail.com
Sat Feb 19 10:39:06 EST 2011
Recently on a client test I was able to bypass the ASP.NET Request Validator
by leveraging the jQuery library which was included in the page. I am mainly
a LAMP guy and my knowledge of ASP.NET and how to set it up is minimal.
I was wondering if any one could confirm whether my bypass affects all
ASP.NET installations or whether or not this particular client had it
I used the following jQuery function to bypass the filter:
projects www.dvwa.co.uk | www.webwordcount.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the websecurity