eoin.keary at owasp.org
Wed May 29 09:51:47 UTC 2013
Indeed user incrimination came to mind.
Owasp Global Board
+353 87 977 2988
On 29 May 2013, at 10:38, gaz Heyes <gazheyes at gmail.com> wrote:
> On 28 May 2013 23:25, Eoin <eoin.keary at owasp.org> wrote:
>> Does anyone have any attacks, case studies which result in REAL risk to a business??
> A few years ago I did an attack on del.icio.us where it logged you in as a user, you could then see what the user bookmarked. For web services it's a valid attack on privacy. Would also work to incriminate a user.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders