M
Morse Coder
As everyone now knows, html-based user-input cannot be used in html blindly
due to the risk that ones html will be hijacked by "malformed" input.
Is there any corresponding risk with VBA-based forms? In other words, is
there a risk that a VBA message box, which is partly constructed from raw
user inputs, can be hijacked? For example, suppose a VBA form contains a
textfield for the user's name. And that name is used to form the text used in
a message box, e.g., "Hello, <name>!"Is there any risk that a malformed name
can crash the system or hijack execution?
due to the risk that ones html will be hijacked by "malformed" input.
Is there any corresponding risk with VBA-based forms? In other words, is
there a risk that a VBA message box, which is partly constructed from raw
user inputs, can be hijacked? For example, suppose a VBA form contains a
textfield for the user's name. And that name is used to form the text used in
a message box, e.g., "Hello, <name>!"Is there any risk that a malformed name
can crash the system or hijack execution?