[prev in list] [next in list] [prev in thread] [next in thread] 

List:       vuln-dev
Subject:    Re:Cross Site Scripting?
From:       "b0iler _" <b0iler () hotmail ! com>
Date:       2002-04-30 19:39:19
[Download RAW message or body]

There was a discussion about this awhile ago.  Most people seems confused 
with XSS and how it is defined.  I don't see how writting to a file could be 
concidered XSS in any way.

quote from http://online.securityfocus.com/archive/82/263218

"Although very simular to XSS writting SSI, PHP, or any other kind of server 
side language is not XSS, but rather a remote file writting vulnerability.  
The difference is there and I don't feel we should [not] confuse the two.  I 
am not sure if you would call client side scriptting that is saved to a file 
on the server XSS, but I personally do not count it as such."

Wouldn't it be strange if all defacements were really XSS.

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.

[prev in list] [next in list] [prev in thread] [next in thread]