[ OWASP - Montreal ] Confusion about XSS...

Philippe Gamache philippe at gamache.com
Wed Dec 17 16:40:59 EST 2008


Benoit Guerette wrote:
> Am I wrong, or to be declared as XSS vuln. the script must be injected 
> from an external source, not the site itself?
It's really a XSS.  It's more an historical name.

Look at http://ha.ckers.org/xss.html


-------------- next part --------------
A non-text attachment was scrubbed...
Name: philippe.vcf
Type: text/x-vcard
Size: 131 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-montreal/attachments/20081217/18d7f6e1/attachment.vcf 


More information about the Owasp-montreal mailing list