Discover the best of the web!
Learn more about Digg by taking the tour.
MSIE facilitates Cross Site Scripting
splitbrain.org — Chris Smith and Andreas Gohr discovered another XSS vulnerability in IE due to wrong mime type detection. They found out that special crafted .pdfs or images could cause IE to execute embedded java script. This probably works for all kind of files and is a potential security risk to everyone who allows file uploads at his website.
- 15 diggs
- digg it
- All About Digg
- About Us & Contact
- Take a Tour
- How Digg Works
- Frequent Questions
- The Digg Blog
- Jobs at Digg
- Diggnation Podcast
- Digg Tools & API
- Check out Digg Tools that let you integrate Digg into your site and add Google features.
- Develop your own tools with the Digg API.
- UPDATED! Add Digg to Google
- Digg Store
- Get hats, shirts, hoodies, and more at the Digg Store.
- Advertise
- You can buy advertising on Digg through our advertising partner Microsoft.
- Digg Labs
- Get a real-time look beneath the surface in the digg labs with our tools arc, swarm, stack and bigspy. Also see Digg Spy, our original real-time tracking system.
- Digg the Candidates
- Check out Digg the Candidates, where you can Digg and watch the activity of your favorite Presidential candidates.
© Digg Inc. 2008 —
Content posted by
Digg users
is
dedicated to the public domain.
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.