Home page logo
/

basics logo Security Basics mailing list archives

Re: About malicious java sciprt running...
From: オマル イスマイル <isumai-u () is aist-nara ac jp>
Date: Wed, 10 Dec 2003 09:45:17 +0900

Hi,
This is called Cross-Site Scripting vulnerability (XSS), a well known web application
vulnerability.
The most common XSS attack is to exploit user's cookie information by executing the malicious scripts at user's browsers. And user's session ID is also vulnerable to this kind of attacks.

On 2003.12.9, at 11:36  PM, <s970501 () ku edu np> wrote:

<security-basics () securityfocus com>


---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]