RE: Cross site scripting explained

From: Loki (loki@fatelabs.com)
Date: 12/15/02

  • Next message: Dave Monnier: "Re: Cross site scripting explained"
    From: "Loki" <loki@fatelabs.com>
    To: "'michael judge'" <mjudge3414@comcast.net>, <vuln-dev@securityfocus.com>
    Date: Sun, 15 Dec 2002 11:04:55 -0600
    
    

    Take a look at one of several good papers on the subject. This one was
    written by NGSSoftware, a company that has authored several auditing
    tools and research papers on the subject.

    http://www.nextgenss.com/papers/advanced_sql_injection.pdf

    Loki
    Fate Research Labs
    Internet Warfare and Intelligence
    http://www.fatelabs.com

            

    -----Original Message-----
    From: michael judge [mailto:mjudge3414@comcast.net]
    Sent: Sunday, December 15, 2002 4:12 AM
    To: vuln-dev@securityfocus.com
    Subject: Cross site scripting explained

    Can anyone explain to me or point me to a paper that explains exactly
    what cross site scripting is, and how it could be useful/cause
    problems for someone? Thanks.

    Mike