[Bug 13586] [html5] Input attributes allow form tampering

http://www.w3.org/Bugs/Public/show_bug.cgi?id=13586

Kornel Lesinski <kornel@geekhood.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kornel@geekhood.net

--- Comment #1 from Kornel Lesinski <kornel@geekhood.net> 2011-08-03 22:59:23 UTC ---
How would attacker get that input on a page in a first place? 

If the assumption is that pages fail to escape user-supplied data or use flawed
input filtering, then there is a lot of other ways to inject form-hijacking
scripts.

-- 
Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

Received on Wednesday, 3 August 2011 22:59:25 UTC