From: Kevin Spett (kspett@spidynamics.com)
Date: Mon Jan 06 2003 - 14:57:23 EST
The site we use for our paper (http://www.spidynamics.com/mktg/xss/) is
online at http://endo.webappsecurity.com/ Feel free to use it to educate
people about XSS... As the Unix Terrorist stated so succinctly at Defcon,
"Cross-site scripting is an issue that affects us all."
Kevin Spett
SPI Labs
http://www.spidynamics.com/
----- Original Message -----
From: "Jeremy Junginger" <jj@act.com>
To: "pen-test" <pen-test@securityfocus.com>
Sent: Monday, January 06, 2003 12:00 PM
Subject: XSS LAB DEMO IDEAS
After reading the papers by iDefense and the paper at
http://www.technicalinfo.net/papers/CSS.html , I would like to put a
working example together to familiarize our web developers with XSS
vulnerabilities and their impact on the web site (and business). I
would like to poll the group for interesting ways to demonstrate these
vulnerabilities in a lab environment. Thanks for taking the time to
give your input.
-Jeremy
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:26 EDT