[WEB SECURITY] citibank XSS?

Thierry Zoller Thierry at Zoller.lu
Tue Jul 25 12:07:48 EDT 2006


Dear Brian Eaton,


BE> I thought the citibank attack was MITM, no XSS involved.  Am I wrong
BE> on that?  Was XSS used as well?
AFAIK, XSS had no immediate impact on the MITM scenaria, if XSS played
a role _at all_. Sounds like a lot of BS.

-- 
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45  2E57 28B3 75DD 0AC6 F1C7


----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]



More information about the websecurity mailing list