17 responses to this plurk (Jump to bottom)

• 

  smeranda says Oct 08, 2008 02:03PM

  Inject scripts into browser
• 

  smeranda says Oct 08, 2008 02:04PM

  in 2006, XSS vulnerabilities made up almost 70%
• 

  smeranda says Oct 08, 2008 02:05PM

  education has the highest vulnerabilty
• 

  smeranda says Oct 08, 2008 02:06PM

  XSS is usually just the first step in a larger attack
• 

  smeranda says Oct 08, 2008 02:06PM

  XSS is Platform independent
• 

  smeranda says Oct 08, 2008 02:06PM

  XSS Can spread much faster than traditional viruses/malware
• 

  smeranda says Oct 08, 2008 02:10PM

  Vulnerability only exists in the URL
• 

  smeranda says Oct 08, 2008 02:18PM

  doing an example on nbc.com
• 

  smeranda says Oct 08, 2008 02:23PM

  Now he is hacking cornell.edu
• 

  smeranda says Oct 08, 2008 02:36PM

  htmlpurifier.org
• 

  smeranda says Oct 08, 2008 02:36PM

  php-ids.org
• 

  smeranda says Oct 08, 2008 02:37PM

  Steps: Input Filtering, Input Validation, Output Encoding
• 

  smeranda says Oct 08, 2008 02:42PM

  AntiSamy
• 

  smeranda says Oct 08, 2008 02:43PM

  XSS Me - a firefox extension that checks vulnerabilities in the current page.
• 

  smeranda says Oct 08, 2008 02:44PM

  every app at Mizzou has to go through an injection/XSS audit before launch.
• 

  saltybeagle says Oct 08, 2008 02:45PM

  excellent session
• 

  george sackett says Oct 09, 2008 02:46AM

  scary stuff - where to begin with our own site???