Hi, I've just released a paper (to be found at http://www.nth-dimension.org.uk/news/entry.php?e=156579087) which covers two issues with Javascript injection that I've recently been playing with. That of Javascript injection via CSS manipulation and further more the use of AJAX within injection points. I realise that perhaps neither are massively new (certainly the MySpace worm touches on the AJAX issues discussed) but I found it interesting and hope others may do too.
Tim -- Tim Brown <mailto:[EMAIL PROTECTED]> -- Tim Brown <mailto:[EMAIL PROTECTED]> <http://www.machine.org.uk/> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/