On Fri, Apr 26, 2002 at 08:59:50AM +0200, Martin Quinson wrote:
> What is a cross-site scripting type attack ?

One of the first analyses was published by Marc Slemko of the Apache
Group at http://httpd.apache.org/info/css-security/ .  You'll
probably have to read the CERT links on that page as well.  Marc
deserves most of the credit for the current spate of cross-site
scripting reports: He was reiterating the severity of the problem
before most people understood it.

If you're going to publish a translated explanation, I humbly
suggest you read the material two or three times, to make sure you
really get it.  It's subtle.

As for a translated term:  Marc's article admits that cross-site
scripting isn't all that great a name to begin with, so I'd say
you're on your own.  :-)

Andrew


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to