[Full-disclosure] Cross Site Hacking Browser Injection Attack Vulnerability Paradigms
- From: <full-disclosure@xxxxxxxxxxxx>
- Date: Sat, 20 Oct 2007 15:46:36 -0400
-----BEGIN PGP SIGNED MESSAGE-----
I am a PhD student writing my dissertation on cross site scripting
related attacks, which I have learned is the true Achilles heel of
Intraweb exploration technologies. One detail I am unable to find
with the assistance of the Internet Wayback machine is when and
what browsers first introduced these vulnerabilities.
1) What browser was first vulnerable to these attacks,
2) Who was the responsible developer,
3) How was this vulnerable mechanism replicated across all modern
4) Instead of patching individual XSS problems in random web-based
piano tuning software, why aren't the serious security
researchers of this list working to develop better technologies
to block the entire vulnerability class, like the PaX/w^x team has
done, to raise the ante for computer security list posters
around the world?
Thanks for your help in advance.
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5
-----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: Re: [Full-disclosure] Madness? This is KWICKFIX!!!!!!
- Next by Date: Re: [Full-disclosure] Cross Site Hacking Browser Injection Attack Vulnerability Paradigms
- Previous by thread: Re: [Full-disclosure] Madness? This is KWICKFIX!!!!!!
- Next by thread: Re: [Full-disclosure] Cross Site Hacking Browser Injection Attack Vulnerability Paradigms