Add UK's Companies House XSS Attacks by the way of company names.
This commit is contained in:
Kevin Deldycke
@@ -77,6 +77,7 @@ are not simple or rational.
|
||||
- [Falsehoods About Cars](https://github.com/driveto/falsehoods-about-cars) - Even
|
||||
something as common as defining a car is full of pitfalls.
|
||||
- [Decimal Point Error in Etsy's Accounting System](https://www.reddit.com/r/Etsy/comments/hz4877/if_you_are_an_etsy_seller_do_not_purchase_postage/) - The importance of types in accounting software: missing the decimal point ends up with 100x over-charges.
|
||||
- [Characters `<` and `>` in company names lead to XSS attacks](https://forum.aws.chdev.org/t/cross-site-scripting-xss-software-attack/3355) - Because [UK allows companies to be registered with special characters](https://www.legislation.gov.uk/uksi/2015/17/schedule/1/made), a hacker leveraged them to register `\"><SCRIPT SRC=MJT.XSS.HT></SCRIPT> LTD`, but also `; DROP TABLE "COMPANIES";-- LTD`, `BETTS & TWINE LTD` and `SAFDASD & SFSAF \' SFDAASF\" LTD`.
|
||||
- [CLDR currency definitions](http://unicode.org/cldr/trac/browser/tags/release-31/common/supplemental/supplementalData.xml#L81) - Currency
|
||||
validity date ranges overlap due to revolts, invasions, new constitutions, and
|
||||
slow planned adoption.
|
||||
|
||||
Reference in New Issue
Block a user