[Owasp-leaders] OWASP DOM based XSS definition, which looked a little off

• Previous message: [Owasp-leaders] OWASP DOM based XSS definition, which looked a little off
• Next message: [Owasp-leaders] OWASP DOM based XSS definition, which looked a little off
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/23/2013 11:05 PM, Achim wrote:
> opps, my point was not to stick on a single XSS definition, but on
> reflected, persistent and DOM-based. As these are problems on different places.
> All others are variants of these, as we know today.
Ops I misunderstood. Sorry Achim.

However I think that the cathegories are:

- XSS or generic XSS
- DomXSS

I would remove "stored" as a cathegory. Both can be non persistent or
persistent but this is an addtitional aspect that makes the previous
more critical (if persistent)

-- 
| Giorgio Fedon, Owasp Italy
|
| In Input Validation 
|            and Output Sanitization, 
|                                   We Trust
--
| Web: https://www.owasp.org/index.php/Italy
|_____________________________________________.

• Previous message: [Owasp-leaders] OWASP DOM based XSS definition, which looked a little off
• Next message: [Owasp-leaders] OWASP DOM based XSS definition, which looked a little off
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]