Awesome. Pink is the new black! An anonymous blog where someone drops major XSS 0day and isn't pimping a product or consulting? Sweet. No offense to my big pimpin web security buddies, but honestly, we (myself included) are all XSS sluts. We could be more like RFP, who doesn't trade on his handle. This guy/gal is giving it away truly for free, which I suppose makes them an XSS whore. Hmmm. Well whatever floats your boat.

Given how painful a "cross-site scripting" attack can be, its acronym should have been "ASS" instead of "XSS". Yet the developers behind the web applications you use every day often do not know what they are or do not care. Why don't web sites care enough? Because on the surface these vulnerabilities do not jeopardize the security of the entire company and such hacks are not as glamorous as high-profile break-ins where millions of social security numbers are stolen. But in reality, an XSS defect can be just as devastating to a site's user base and extremely traumatic to any single user whose identity and privacy are violated.
XSS 0day and brutal analysis? What more could I ask for? I agree with everything said here. Show me Pink! (that's right, I said it) - XSS 0day for Yahoo.