On Fri, Apr 26, 2002 at 08:59:50AM +0200, Martin Quinson wrote: > What is a cross-site scripting type attack ?
One of the first analyses was published by Marc Slemko of the Apache Group at http://httpd.apache.org/info/css-security/ . You'll probably have to read the CERT links on that page as well. Marc deserves most of the credit for the current spate of cross-site scripting reports: He was reiterating the severity of the problem before most people understood it. If you're going to publish a translated explanation, I humbly suggest you read the material two or three times, to make sure you really get it. It's subtle. As for a translated term: Marc's article admits that cross-site scripting isn't all that great a name to begin with, so I'd say you're on your own. :-) Andrew -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
