[WEB SECURITY] citibank XSS?

Thierry Zoller Thierry at Zoller.lu
Tue Jul 25 12:07:48 EDT 2006

Dear Brian Eaton,

BE> I thought the citibank attack was MITM, no XSS involved.  Am I wrong
BE> on that?  Was XSS used as well?
AFAIK, XSS had no immediate impact on the MITM scenaria, if XSS played
a role _at all_. Sounds like a lot of BS.

Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45  2E57 28B3 75DD 0AC6 F1C7

The Web Security Mailing List: 

The Web Security Mailing List Archives: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

More information about the websecurity mailing list