CEO of Soon-to-be-Announced, Professional Hacker, Black Belt in Brazilian Jiu-Jitsu, Off-Road Race Car Driver, Founder of WhiteHat Security, and Maui resident.
Thursday, September 21, 2006
Real Live XSS
Via RSnake’s sla.ckers.org message board, XSS disclosures are in abundance! Dell, HP, MySpace, Photobucket, F5, Acunetix, and a slew of others are listed. Dark Reading has some timely coverage (“Hackers Reveal Vulnerable Websites”) with yours truly quoted. SEO Egghead has a funny PoC from a Harvard website (“Go to Princeton Instead!”). Most of the proof-of-concept XSS links appear safe enough to click on, but I don’t recommend it, just in case.