[Full-disclosure] WASC-Articles: 'DOM Based Cross Site Scripting or XSS of the Third Kind: A look at an overlooked flavor of XSS'

contact_at_webappsec.org
Date: 07/11/05

  • Next message: Martin Schulze: "[Full-disclosure] [SECURITY] [DSA 752-1] New gzip packages fix several vulnerabilities"
    To: full-disclosure@lists.grok.org.uk
    Date: Mon, 11 Jul 2005 11:14:46 -0400 (EDT)
    
    

    The Web Application Security Consortium is proud to present 'DOM Based Cross Site Scripting or XSS of
    the Third Kind: A look at an overlooked flavor of XSS ' written by Amit Klein. In this article Amit
    focuses on a little known variant of Cross Site Scripting which attacks a user's client without
    sending malicious content to the web server.

    This document can be found at http://www.webappsec.org/projects/articles/071105.shtml .

    Regards,

    - Robert Auger

    articles_at_webappsec.org
    http://www.webappsec.org

    ------------------------------------------------------------------------------------
    Are you interested in writing a 'Guest Article' for the WASC? Additional information
    on article guidelines may be found at http://www.webappsec.org/articles/. Inquires
    can be sent to articles_at_webappsec.org

    "Contributed articles may include industry best practices, technical information about
    current issues, innovative defense techniques, etc. NO VENDOR PITCHES OR MARKETING
    GIMMICKS PLEASE. We are only soliciting concrete information from the experts on the
    front lines of the web application security field."
    <a href="http://www.webappsec.org">http://www.webappsec.org>
    ------------------------------------------------------------------------------------

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter:
    http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/


  • Next message: Martin Schulze: "[Full-disclosure] [SECURITY] [DSA 752-1] New gzip packages fix several vulnerabilities"

    Relevant Pages