Highest Voted 'css' Questions - IT Security Stack Exchange

3

votes

1 answer

Can Arbitrary Code Execution be done using CSS Injection?

As part of our class project, we are studying the attacks that could be done using CSS Injection. In our threat model, attacker can manipulate any CSS file on the server. If attacker replaces original CSS file with a malicious CSS file and if the…

asked Dec 09 '18 at 13:44

satya

141
2

3

votes

3 answers

CSS code can be seen through my browser. Is that a vulnerability?

I have a WordPress blog, and when I navigate to a particular path such as http://example.com/wp-content/themes/css/jquery-scrollbar.css?, I could see all the CSS code for the scroll bar. My questions are: Is this a normal behaviour or is it a…

vulnerability css

asked Mar 03 '16 at 04:45

MS Guy

97
9

2

votes

0 answers

Is it dangerous to allow users to edit the CSS styles?

I'm working on a blog site, and I plan to allow bloggers to completely edit the style sheet for their own blogs I assume this isn't dangerous, since CSS is client side, but I thought it'd be best to check. If there a way someone could use this…

css

asked Feb 25 '15 at 04:29

Tom

21
1

2

votes

1 answer

Can XSS ever occur in an tag's "src" attribute?

In a scenario where an attacker has control over the src attribute of an img HTML tag, they could easily inject a simple JavaScript XSS payload like the following:

The attacker can not manage to leave the src…

xss javascript css

asked Dec 30 '21 at 13:10

Xiddoc

123
8

2

votes

0 answers

What are the dangers of "style-src: 'unsafe-inline'"?

This is a common sight in content security policies: style-src 'unsafe-inline' I know that this "UI redressing attacks" that can be use for phishing or just defamation. But are there other threats as well? In particular, I am interested in: Script…

web-application content-security-policy css

asked Oct 18 '18 at 10:53

Anders

64,406
24
178
215

2

votes

2 answers

How do I let users point to their own images, yet avoid Mixed Content warnings?

I allow users of my webapp to provide a URL for their own images. They can also provide CSS which may contain URLs to images. If these URLs are HTTP then the browser does not show the padlock in the URL bar. What is the best practice for avoiding…

tls image css mixed-content

asked Jun 06 '18 at 08:59

Joshua Fox

239
1
10

2

votes

2 answers

Can controlling the content of a CSS url property possibly be exploited in any major way?

So I noticed on a site I'm penetration testing that when you save your profile settings after changing them, one of the parameters in the POST request is avatar_url. I realized that I could repeat the POST request and change this avatar_url to…

xss html css

asked Apr 02 '18 at 21:05

Jack

471
2
6
18

2

votes

1 answer

Security Implications of PHPCSS Files ( Dynamic CSS using PHP )

I'm working on an website where I need to allow the user to change multiple CSS values in their CMS. I need to read these values back to the browser in CSS and ran across an "easy" way to do just that - create a PHP file but send the header content…

web-application php audit css

asked Sep 13 '16 at 20:04

Howdy_McGee

240
2
9

1

vote

3 answers

Is a normal user allowed to view site's CSS sheet

I am looking at IDS (intrusion detection sensor) logs where some one tired to get a .css sheet through a URL. Ex: www.site.com/CSS/Main.css - which throws a CSS sheet in the form of text file. Is this allowed for any user or something to concern…

web-application appsec css

asked Jan 11 '15 at 10:56

Ramesh Shanmugam

21
3

1

vote

2 answers

Identify users accessing hidden link in a website

Recently I put some hidden links in a web site in order to trap web crawlers. (Used CSS visibility hidden style in order to avoid human users accessing it). Any way, I found that there were plenty of HTTP requests with a reference of browsers which…

http intrusion css

asked Dec 30 '13 at 10:51

TestRunner

113
4

1

vote

1 answer

Is there any way for a Content-Security-Policy to block a CSS function, (specifically the url() function)?

I would like to block the execution of any instance of CSS's url() function in CSS provided by my server. One promising method would be a CSP, but I'm not sure if this is possible using a CSP. Is it? And if not, what is the best way to accomplish…

content-security-policy css

asked Apr 26 '20 at 06:01

Alex V

190
6

1

vote

2 answers

What can a 3rd party learn about a user through only CSS and images?

In its default settings, uMatrix content blocker allows CSS and images (JPG, PNG, etc) from all sources, unless denied by a site-specific block list. It also allows 1st party cookies, scripts, and multimedia. How much can a 3rd party learn about a…

privacy web-browser fingerprint third-party css

asked Jul 21 '19 at 17:43

Foo Bar

367
2
11

1

vote

1 answer

Stealing page source via Clickjacking

I am learning Javascript. Also researching web based vulnerabilitys to learn. I just wondering how Javascript can be used to steal view page source or any text or any tokens leaking on the page via Clickjacking. I need a demo poc to see how it…

javascript html-5 clickjacking css

asked Mar 10 '19 at 12:30

user11177344

11
3

1

vote

0 answers

CSS Injection without colon

I'm looking for a way to create a CSS injection proof-of-concept. I can insert the following and it gets reflected in the browser: The only issue is that the colon gets URL encoded, which prevents the css…

injection reflected-xss css

asked Feb 01 '19 at 00:04

br0wnrice

11
2

1

vote

1 answer

Site inaccessible with Cookies turned off in browser

Whenever I access my website with cookies turned off in browser, it redirects me to a google support page that informs me to allow cookies. My website is simple (a blog) HTML and CSS and I store nor ask for any data from the visitors. I have noticed…

cookies html css

asked Dec 08 '18 at 15:51

osiris89

11
1

Questions tagged [css]