cross-site to root scripting papers

["Ben Greenberg" <benfallout2 () hotmail com>]

Hi bugtraq.

Does anyone know or have any links pertaining to getting root or more 
privellaged access from a cross-site scripting vulnerability,  I always have 
thought that people underestimate cross site scripting vulnerabilties.  All 
I know about so far is that <iframe> can be used to get some protected 
files, and that java servlets can be used to exploits these cross site 
scripting vulnerabilities, but thats about all.

Thanks for the help

Urthogie

_________________________________________________________________
Add photos to your e-mail with MSN 8. Get 2 months FREE*.  
http://join.msn.com/?page=features/featuredemail