This is cache of http://feeds.feedburner.com/~r/GrumpySecurityGuy/~3/220571166/. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.
ScanAlert - XSS is Cool with Us
2008-01-21 20:58:57 by Bill in Grumpy Security Guy
 

Sometimes I just want to give up. I really hate XSS because it is really a tricky issue to explain to people that don’t understand.  It basically boils down to bad people using my website to compromise clients. What they do with those compromised clients can range from fairly benign replicating wormsphishing scams, all the way to total remote control of the end users browser. The fine folks at Scam ScanAlert clearly don’t think this is a problem though.

It is hard enough to educate web site owners that this is a problem and how it impacts them without having to fight against people in our own industry telling them it is OK to have XSS vulnerabilities.

Jeremiah and Jericho provide more great commentary.

Add to any service

Related Posts

Post from: Grumpy Security Guy

ScanAlert - XSS is Cool with Us

 
Tags: scanalert, xss, people, crazy people, mcafee acquires scanalert, security stories, bad people, xss vulnerabilities, underground security resources
 
 
 
 
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia