On Mon, 16 Jul 2007 16:51:22 BST, Berend-Jan Wever said: > without XMLHTTPRequest. I've been told that people saw XSS worms as early as > 2000, but I have found no evidence to support this: let me know if you know > something. It's quite possible that they were out there, but nobody noticed them because nobody was *looking* for them. At most sites, if it doesn't trip the IDS, it literally never happened. If your intrusion detection system only has templates for mammals, a hell of a lot of alligators can wander through and you'll never see one....
Attachment:
pgpVsnbdbYtDW.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/