Pantek Library

Hosting Provided By

CybrHost

High Speed Hosting

Re: XSS

From: Kevin Spett <kspett(at)spidynamics.com>
Date: Tue Dec 10 2002 - 10:26:06 EST

We've got an XSS paper that describes a real attack in technical detail. The scenario it uses is a bank login page that uses client-supplied data for a login-failed error message.

http://www.spidynamics.com/mktg/xss

I hope it helps.

Kevin Spett
SPI Labs
http://www.spidynamics.com/

Original Message ----- From: "John Madden" <chiwawa999@yahoo.com> To: <webappsec@securityfocus.com> Sent: Tuesday, December 10, 2002 9:38 AM Subject: XSS

> Hello all,
Received on Tue Dec 10 10:50:34 2002

This message: [ Message body ]
Next message: Dawes, Rogan (ZA - Johannesburg): "RE: Sequence Identification Routines?"
Previous message: Ivan Ristic: "Re: Apache module: mod_security"
In reply to: John Madden: "XSS"
In reply to Eyal Udassin: "RE: XSS"
Next in thread: John Madden: "Re: XSS"
Reply: John Madden: "Re: XSS"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:46 EDT

Contact Us Legal Notices Order Services Online
Pantek Home Privacy Policy IT news Site Map Pantek Library