WebApp Sec mailing list archives

Re: XSS

From: zeno <bugtraq () cgisecurity net>
Date: Tue, 10 Dec 2002 09:57:39 -0500 (EST)

You can do the document.cookie and view your
cookie, that migth give a hint on the structure but...
or redirect yourself to another web site :) etc...

I've read the document on XSS by David Endler
http://www.idefense.com/papers.html but still have
some questions.




I have written the XSS FAQ which I plan on adding two new things sometime later this week.
It is located at www.cgisecurity.com/articles/xss-faq.shtml. (Check for new additionals
early next week. )

- zeno () cgisecurity com

Current thread:

Re: XSS, (continued)
- Re: XSS Kevin Spett (Dec 10)
  - Re: XSS John Madden (Dec 10)
    - Re: XSS Kevin Spett (Dec 10)
    - Re: XSS Stephen de Vries (Dec 11)
    - Re: XSS Matthew Miller (Dec 11)
    - Re: XSS Jeff Williams @ Aspect (Dec 11)
    - Re: XSS Sverre H. Huseby (Dec 19)
    - Re: XSS Ed Tracy @ Aspect Security (Dec 11)
    - Re: XSS Matthew Miller (Dec 11)
    - Re: XSS HarryM (Dec 15)
- Re: XSS zeno (Dec 10)
- RE: XSS Ernesto Funes (Dec 10)
- Re: XSS zeno (Dec 10)
  - RE: XSS Brett Moore (Dec 10)
    - Re: XSS zeno (Dec 10)
- RE: XSS David Endler (Dec 10)
- Re: XSS appsec (Dec 15)