Re: [Full-disclosure] on xss and its technical merit ... detailed technical knowledge of all things xss.... other's attacks since then. ... "Saying XSS isn't a vulnerability is like like saying a binary that ... (javascript is ONE scripting language and therefore NOT a requirement)). ... (Full-Disclosure)
Re: [Full-disclosure] on xss and its technical merit ..."Saying XSS isn't a vulnerability is like like saying a binary that has a ..."XSS needs javascript, binary needs its own malcode as well." ... (javascript is ONE scripting language and therefore NOT a requirement)). ... (Full-Disclosure)
[Full-disclosure] dt_guestbook version 1.0f XSS vulnerability ... fully-featured message board system with admin interface.... flaws it is possible for the remote attacker to conduct XSS attacks.... This vulnerability can be exploited only when PHP register_globals is ... Vulnerability Impact: Attack... (Full-Disclosure)
[VulnWatch] Re: New Web Vulnerability - Cross-Site Tracing ... then it could pose a significant threat.... >and the involvement of three parties in XSS (attacker, victim, ... As specific issues in widely-deployed pieces of software become less common, attacks against application components will become more common. ... >But that should only affect how XSS is prioritized as a vulnerability... (VulnWatch)
[Full-Disclosure] Re: New Web Vulnerability - Cross-Site Tracing ... then it could pose a significant threat.... >and the involvement of three parties in XSS (attacker, victim, ... As specific issues in widely-deployed pieces of software become less common, attacks against application components will become more common. ... >But that should only affect how XSS is prioritized as a vulnerability... (Full-Disclosure)
