Re: [FD] XSS (in 20 chars) in Microsoft IIS 7.5 error message

2014-12-03 Thread A Z
Thank you all for the replies. Unfortunately, I can no longer really test this (it was on some internal network, so for example link shortening wouldn't work), but I wanted to know if anyone had encountered this stuff before. I should try on a clean install as suggested - if it works I'll let you

[FD] XSS (in 20 chars) in Microsoft IIS 7.5 error message

2014-11-28 Thread A Z
Hello everyone, I found some weird HTML code injection in an IIS error message. IIS spits out some part of the user input that generated the error message, but will only display 20 characters at most. My question is: is it possible to actually exploit an XSS with this? Here is an example: HTTP