Re^3: Pass hard coded param CGI post

nearly all client-side Web security exploits in the modern era have depended 100% on JavaScript to run^{[citation needed]}

Comment on Re^3: Pass hard coded param CGI post

Replies are listed 'Best First'.
Re^4: Pass hard coded param CGI post by jcb (Parson) on Jun 30, 2020 at 02:20 UTC
Then provide some counterexamples. Even Internet Explorer (as far as I know, the only browser to ever be exploitable with only plain HTML) had those problems only in the late 1990s. All of the recent exploits I remember off the top of my head have been JavaScript JIT bugs.	[reply]
Re^5: Pass hard coded param CGI post by Your Mother (Archbishop) on Jun 30, 2020 at 08:32 UTC
Just dog piling IE: it was exploitable at one time or another in every conceivable way, including a character set attack.	[reply]