[WEB SECURITY] citibank XSS?

Jeremiah Grossman jeremiah at whitehatsec.com
Tue Jul 25 13:43:47 EDT 2006


On Jul 25, 2006, at 10:33 AM, Brian Eaton wrote:

> On 7/25/06, Jeremiah Grossman <jeremiah at whitehatsec.com> wrote:
>> Since I was main subject of the interview, I believe I misspoke
>> during the call. Indeed XSS (to my knowledge) played no part in the
>> Citibank story. I meant to say PayPal. I already contacted the writer
>> with the correction and reference.
>
> And the mistake is already fixed.  Ain't the interweb great that way?

Very much so.

> I'm not going to be at Black Hat, but I'm looking forward to reading
> the presentation.

Should be a really fun show. I'll be making the slides and the PoC  
code available as soon after the show as I can.


Regards,

Jeremiah Grossman



----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]



More information about the websecurity mailing list