[WEB SECURITY] XSS Impact
Ofer Shezaf
ofer at shezaf.com
Wed Jan 14 02:05:57 EST 2009
The Web Hacking Incident Database lists real world web hacking incidents
broken by attack vector. You can find XSS incidents at
http://whid.xiom.com/whid-list/xss. For each incident the database lists the
outcome (i.e. impact) providing just the information you need.
~ Ofer
Ofer Shezaf
shezaf at xiom.com <mailto:ofer at shezaf.com> , +972-54-4431119
Founder, Xiom.com, Proactive Web Application Security, http://www.xiom.com
Chairman, OWASP Israel
Leader, WASC Web Hacking Incidents Database Project
From: Pete Lindstrom [mailto:petelind at spiresecurity.com]
Sent: Wednesday, January 14, 2009 2:32 AM
To: websecurity at webappsec.org
Subject: [WEB SECURITY] XSS Impact
Greetings -
I am trying to get my arms around the cross-site scripting vulnerability
impact and can only come up with it as an enabler of other exploits. Can you
give me your best (highest impact) examples of what an XSS vuln can do
without combining with other exploit techniques?
Thanks,
Pete
Pete Lindstrom
Research Director
Spire Security
610-644-9064
blog: http://spiresecurity.typepad.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20090114/11b160e1/attachment.html>
More information about the websecurity
mailing list