[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Double Trap XSS Injection : An Analysis

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Double Trap XSS Injection : An Analysis
From: Aditya K Sood <zeroknock@xxxxxxxxxxx>
Date: Fri, 16 Mar 2007 23:23:47 +0530

Hi all

This analysis will enable you to the different realm of XSS injection 
attacks.
 No XSS cheatsheat is used in this. I am presenting the full analysis of 
it.
The demonstration target is SecTheory security consultation website.
This process goes in both ways. This will throw light on the trodden basics
of security companies and also helpful in determining new class of 
exploitation.

http://zeroknock.blogspot.com/2007/03/double-trap-xss-injection-analysis.html

The issue have been undertaken by ha.ckers.org and replied as:

http://zeroknock.blogspot.com/2007/03/hackersorg-view-over-double-trap-xss.html

Regards
Zknk

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] iDefense Security Advisory 03.16.07: Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities
Next by Date: [Full-disclosure] [ MDKSA-2007:063 ] - Updated libwpd packages to address heap overflow vulnerabilities
Previous by thread: [Full-disclosure] iDefense Security Advisory 03.16.07: Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities
Next by thread: [Full-disclosure] [ MDKSA-2007:063 ] - Updated libwpd packages to address heap overflow vulnerabilities
Index(es):
- Date
- Thread