[ OWASP - Montreal ] Confusion about XSS...
philippe at gamache.com
Wed Dec 17 16:40:59 EST 2008
Benoit Guerette wrote:
> Am I wrong, or to be declared as XSS vuln. the script must be injected
> from an external source, not the site itself?
It's really a XSS. It's more an historical name.
Look at http://ha.ckers.org/xss.html
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 131 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-montreal/attachments/20081217/18d7f6e1/attachment.vcf
More information about the Owasp-montreal