This site is soon to be deprecated by

Friday, September 4, 2009

Exploiting The Meta Tag -

Despite the lack of HTML encoding of data passed to the vulnerable market field, tags cannot be used as sending a less than character followed by any alphabetic character redirects the user to a presumably security related error page. But by injecting the http-equiv attribute, the vulnerable meta tag can be repurposed.;"http-equiv="refresh"