WebApp Sec mailing list archives
XSS or HTTP Response Splitting?
From: Joxean Koret <joxeankoret () yahoo es>
Date: 2 Jan 2005 11:15:40 -0000
Hi! I have been discovered recently various security issues with the ViewCVS python CGI (http://www.securityfocus.com/archive/1/385885 ) but I'm not sure if the errors are Cross Site Scripting Vulnerabilities and/or HTTP Response Splitting. My question is the following: What is the main difference between XSS and HTTP Response Splitting? May be that HTTP Response Splitting errors modifies the headers and XSS modifies document content? Thanks in advance to all... And Happy New Year!
Current thread:
- XSS or HTTP Response Splitting? Joxean Koret (Jan 02)
- <Possible follow-ups>
- Re: XSS or HTTP Response Splitting? Amit Klein (AKsecurity) (Jan 06)
- Vulnerability statistics Benjamin Livshits (Jan 06)
- Re: Vulnerability statistics Jeremiah Grossman (Jan 07)
- Vulnerability statistics Benjamin Livshits (Jan 06)