HTML, javascript alert security issue
tbrown1635
Community Member Posts: 3 ☆ Roadie ☆
I am experiencing this error when I load my HTML version of my courses to the server, can anyone provide some guidance?
<span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">GET /nhsntraining/courses/2018/2018%20HTML/C27OPCSDOM/index.html? </span><b><span style="color: red; font-family: 'CourierNewPS-BoldMT',serif; font-size: 7.5pt;">jmptopg=javascript%3Aalert%2822%</span></b>
<span style="color: black; font-family: 'Calibri',sans-serif;"> <span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;"><body><div style="visibility: hidden; display: none; position: absolute; overflow:</span></span>
<span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">hidden;"><iframe id="ifr_ </span><b><span style="color: black; font-family: 'CourierNewPS-BoldMT',serif; font-size: 7.5pt;">javascript:alert(22) </span></b><span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">" name="</span><span style="color: red; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">ifr_javascript:alert(22)" </span><span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">scrolling="no"</span>
<span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">src="javascript:alert(22)" style="width: 100%; height: 100%; border: 0px; overflow: hidden;</span>
<span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">visibility: hidden; left: 0px; top: 0px;"></iframe></div></span>
<span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;"><div id="pgBkAudio" class="pgBkAudio" style="visibility: hidden</span>
<span style="color: black; font-family: 'Calibri',sans-serif;"> </span>
<span style="color: black; font-family: 'ArialMT',serif; font-size: 7.5pt;">Parameter: jmptopg</span>
<span style="color: black; font-family: 'ArialMT',serif; font-size: 7.5pt;">Risk(s): It may be possible to steal or manipulate customer session and cookies, which might be used to impersonate a legitimate</span>
<span style="color: black; font-family: 'ArialMT',serif; font-size: 7.5pt;">user, allowing the hacker to view or alter user records, and to</span>
<span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">GET /nhsntraining/courses/2018/2018%20HTML/C27OPCSDOM/index.html? </span><b><span style="color: red; font-family: 'CourierNewPS-BoldMT',serif; font-size: 7.5pt;">jmptopg=javascript%3Aalert%2822%</span></b>
<span style="color: black; font-family: 'Calibri',sans-serif;"> <span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;"><body><div style="visibility: hidden; display: none; position: absolute; overflow:</span></span>
<span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">hidden;"><iframe id="ifr_ </span><b><span style="color: black; font-family: 'CourierNewPS-BoldMT',serif; font-size: 7.5pt;">javascript:alert(22) </span></b><span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">" name="</span><span style="color: red; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">ifr_javascript:alert(22)" </span><span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">scrolling="no"</span>
<span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">src="javascript:alert(22)" style="width: 100%; height: 100%; border: 0px; overflow: hidden;</span>
<span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;">visibility: hidden; left: 0px; top: 0px;"></iframe></div></span>
<span style="color: black; font-family: 'CourierNewPSMT',serif; font-size: 7.5pt;"><div id="pgBkAudio" class="pgBkAudio" style="visibility: hidden</span>
<span style="color: black; font-family: 'Calibri',sans-serif;"> </span>
<span style="color: black; font-family: 'ArialMT',serif; font-size: 7.5pt;">Parameter: jmptopg</span>
<span style="color: black; font-family: 'ArialMT',serif; font-size: 7.5pt;">Risk(s): It may be possible to steal or manipulate customer session and cookies, which might be used to impersonate a legitimate</span>
<span style="color: black; font-family: 'ArialMT',serif; font-size: 7.5pt;">user, allowing the hacker to view or alter user records, and to</span>
Comments
-
let me try this again.
jmptopg=javascript%3Aalert%2822%
<body><div style="visibility: hidden; display: none; position: absolute; overflow:
hidden;"><iframe id="ifr_ javascript:alert(22) " name="ifr_javascript:alert(22)" scrolling="no"
src="javascript:alert(22)" style="width: 100%; height: 100%; border: 0px; overflow: hidden;
visibility: hidden; left: 0px; top: 0px;"></iframe></div>
<div id="pgBkAudio" class="pgBkAudio" style="visibility: hidden
Parameter: jmptopg
Risk(s): It may be possible to steal or manipulate customer session and cookies, which might be used to impersonate a legitimate
user, allowing the hacker to view or alter user records, and to
Categories
- 35.8K All Categories
- 108 ✫ Announcements
- 33.1K Lectora®
- 31.1K Lectora Discussions
- 28.9K Lectora Desktop
- 2K Lectora Online
- 2K Lectora Feature Requests
- 71 Lectora User Groups
- 36 Lectora Accessibility User Group (LAUG)
- 22 ELB Learning Content
- 22 ELB Learning Content Discussions
- 321 CenarioVR®
- 188 CenarioVR Discussions
- 133 CenarioVR Feature Requests
- 41 Rockstar Learning Platform®
- 38 Rockstar Learning Platform Discussions
- 108 CourseMill®
- 108 CourseMill Discussions
- 47 ReviewLink®
- 47 ReviewLink Discussions
- 5 The Training Arcade®
- 5 The Training Arcade Discussions
- 934 All Things eLearning
- 36 eLearning Development
- 546 Learning Management System (LMS) Integration
- 332 Web Accessibility
- 1.2K ♪ The Green Room
- 9 Additional Learning Products