XSS

mleanz1 · 2 Mar 2009 at 18:05

Hi
I've been given the task of creating a presentation on the topic of XSS. I only really understand the basics so could do with a little help. Does anyone know of any high profile cases or interesting facts that I could include to jazz it up a bit?

Many Thanks

Mark

jack21 · 2 Mar 2009 at 19:14

You may check http://www.xssed.com/

Hope this helps

mleanz1 · 2 Mar 2009 at 19:33

Cheers that is a great help thanks

philjohn · 2 Mar 2009 at 20:23

And have a look at some of the items on the XSS Cheat Sheet.

Another interesting tid-bit is that if you provide protection against CSRF (Cross Site Request Forgery), e.g. by using a token, even a single XSS vulnerability on the page will render that (and any other) countermeasure null and void.

which is fun.

RobH · 3 Mar 2009 at 01:43

Couple of podcasts with full text transcripts that might be worth a listen/read.

CSRF - http://www.grc.com/securitynow.htm#166

XSS - http://www.grc.com/securitynow.htm#86

mleanz1 · 3 Mar 2009 at 12:43

Cheers guys for the help

. Got some starting points now