Vulnerability Development mailing list archives

Re: CSS implication

From: zero <zeroboy () arrakis es>
Date: Sun, 17 Mar 2002 02:12:05 +0100

At 10:14 a.m. 16/03/2002 -0800, you wrote:

The implications are very simple. With XSS, one can control a target users
browser to make it do whatever they want it to do.

Although that's true, many times, you just can execute code through specialcrafted urls. So, users aren't directly affected. I mean, the code youinject doesn't gets executed as in normal forum CSS. You can use this kindof links in social engineering attacks or there are more implications?



mailto:zeroboy () arrakis es
http://www.podergeek.com
http://www.citfi.org
**************************************************

"The further backward you look, the further forward you can see" WinstonChurchill

 "Para ganar, hay gente que debe perder"

Current thread:

CSS implication zero (Mar 16)
- Re: CSS implication Jeremiah Grossman (Mar 16)
- <Possible follow-ups>
- Re: CSS implication Frog Man (Mar 17)
  - Re: CSS implication Bill Weiss (Mar 17)
- Re: CSS implication zero (Mar 17)
  - Re: CSS implication Jeremiah Grossman (Mar 18)
    - Re: CSS implication zero (Mar 18)
    - Re: CSS implication Jeremiah Grossman (Mar 19)
    - Re: CSS implication Sverre H. Huseby (Mar 23)
- RE: CSS implication Matt Priestley (Mar 17)
  - Re: CSS implication Arta (Mar 18)
- Re: CSS implication b0iler _ (Mar 20)
  - Re: CSS implication HarryM (Mar 21)
  - Re: CSS implication Sverre H. Huseby (Mar 21)