Full Disclosure mailing list archives
Re: Attacking the local LAN via XSS
From: vile <vileone () gmail com>
Date: Wed, 18 Oct 2006 13:50:08 -0500
holy shit! you all are the biggest faggots i've ever seen! On 8/10/06, Florian Weimer <fw () deneb enyo de> wrote:
* pdp: > 1. page that is controlled by the attacker, lets call it evil.com > 2. border router vulnerable to XSS > 3. user attending evil.com This has nothing to do with cross-site scripting attacks, it's an entirely different vulnerability class called cross-site request forgery (CSRF). A lot of web applications are afffected. Technically, this is a browser vulnerability, but you can't fix it there as cross-site requests are too common in the real world. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Attacking the local LAN via XSS vile (Oct 18)