Hi all, I'm working on a CSS paper, and I was wondering, what are the real implications of a CSS attack. When some site is vuln to a CSS problem, you're able to execute code on the web. I've thought about the implications of this. First of all: - You can steal cookies from users - You can send bogus links faking the original site: i.e http://site/vuln.php?query=