Css > Cross Site Scripting
I will be explaining in brief some things about it.
Often people refer to Cross Site Scripting as CSS. There has been a lot of confusion with Cascading Style Sheets (CSS) and cross site scripting. Some security people refer to Cross Site Scripting as XSS. If you hear someone say "I found a XSS hole", they are talking about Cross Site Scripting for certain.
One product with many XSS holes is the popular PHP program PHPnuke. This product is often targeted by attackers to probe for XSS holes because of its popularity. I have included a few links of advisories/reports that have been discovered and disclosed just from this product alone. The following collection should provide plenty of examples.
Again if you have any specific questions ask.
o/w refer the link below...
Where can they be entered???
(my friends reply)
XSS can be anywhere, where the vulnerable script is executed, it can be in address bar, a search box, a form and anything, depends upon when the script is run
|All times are GMT +5.5. The time now is 11:25.|