[Owasp-delhi] Please clarify

Parmendra Sharma s.parmendra at gmail.com
Mon Feb 2 06:05:10 EST 2009


Hello All,

Please clarify the belowmentioned point:

"XSS flaws is susceptible to CSRF because a CSRF attack can exploit the XSS
flaw to steal any non-automatically submitted credential that might be in
place to protect against a CSRF attack"
Please mention the scenerio where both the vulnerabilities are in action....
-- 
Thanks and Regards:

Parmendra Sharma
Indian Computer Emergency Response Team (CERT-In)
Ministry of Information Technology
Government of India
6 C.G.O Complex
Lodhi Road
New Delhi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20090202/6e1425cc/attachment.html 


More information about the Owasp-delhi mailing list