WebApp Sec mailing list archives

Re: myspace hack

From: bugtraq () cgisecurity net
Date: Fri, 14 Oct 2005 11:24:32 -0400 (EDT)

I coined the term Same Site Scripting to describe the act of abusing 
XMLHttpRequest whilst playing around with this attack vector for a paper I'm 
writing.  Anyone have a better suggestion?


How about no new cross site scripting terms? :) 

- admin () cgisecurity com
http://www.cgisecurity.com

Current thread:

Re: myspace hack, (continued)
- Re: myspace hack Chris Varenhorst (Oct 13)
  - Re: myspace hack Chris Varenhorst (Oct 13)
- RE: myspace hack Griffiths, Ian (Oct 13)
  - Re: myspace hack rSYN (Oct 13)
- RE: myspace hack Reynolds, Jake (Oct 14)
  - Re: myspace hack Stephen de Vries (Oct 14)
  - RE: myspace hack Radoslav Vasilev (Oct 14)
  - RE: myspace hack Andrew Chong (Oct 14)
    - Re: myspace hack Stephen de Vries (Oct 14)
  - Re: myspace hack Tim Brown (Oct 14)
    - Re: myspace hack bugtraq (Oct 14)
    - Re: myspace hack Tom Gallagher (Oct 14)
    - Re: myspace hack Disco Jonny (Oct 14)
- RE: myspace hack Jeff Robertson (Oct 14)
  - RE: myspace hack Richard M. Smith (Oct 14)
- RE: myspace hack Reynolds, Jake (Oct 14)
- RE: myspace hack Jeff Robertson (Oct 14)
  - Re: myspace hack bugtraq (Oct 14)
  - Re: myspace hack (readable javascript code ) A. Fontes (Oct 14)
  - Re: myspace hack (History of XSS) Jeremiah Grossman (Oct 14)
- RE: myspace hack Evans, Arian (Oct 14)