This presentation was about abusing an interesting html attribute that could be a potential plot for information leakage and other social engineering attacks. This issue is already known, reported and most of the times ignored to fix by developers due to lack of awareness about the threat landscape. The session demonstrate how this can be exploited and the mitigation techniques to avoid such issues in web applications. This was presented at Null Mumbai chapter monthly meetup.
2016-09-24 00:00 +0000