Re: CSS implication

From: b0iler _ (b0ilerat_private)
Date: Tue Mar 19 2002 - 13:45:31 PST


    Although very similar to XSS, writing SSI, PHP, or any other kind of server 
    side language is not XSS, but rather a remote file writing vulnerability.  
    The difference is there and I don't feel we should confuse the two.  I am 
    not sure if you would call client side scripting that is saved to a file on 
    the server XSS, but I personally do not count it as such.
    
    Here are a few other things for your paper.
    
    You can redirect the user to a URL or submit form data.  Very dangerous if 
    the user is allowed to do things like change their password when they are 
    logged in without having to supply their password.  Session theft.
    
    Read field data or HTML.  Can be dangerous if a user's password, credit card 
    number, real name, or other sensitive information is printed to the same 
    page(s) the XSS has access to.
    
    You can change the HTML of a page.  Dangerous for example if the user is 
    supposed to input their username and password, you can change where the form 
    is sent, making it instead a logging script set up on your server.
    
    Matt Priestley mentioned session theft. Which was what most of these 
    have to deal with, also you can grab the current URL.  Which can sometimes 
    hold sensitive info - usernames, passwords, session ids, etc.
    
    
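The first impact listed in the message above, a forged form submission that changes a logged-in user's password, is limited when the handler demands the current password. The following is an added example, not part of the original post; the `Accounts` store, the form field names and the PBKDF2 parameters are assumptions made for illustration.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000  # constructed value for this example


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class Accounts:
    """Hypothetical in-memory account store (constructed for this example)."""

    def __init__(self):
        self._users = {}  # username -> (salt, password hash)

    def add(self, user, password):
        salt = os.urandom(16)
        self._users[user] = (salt, hash_password(password, salt))

    def check(self, user, password):
        salt, stored = self._users[user]
        # Constant-time comparison of the stored and the computed hash.
        return hmac.compare_digest(stored, hash_password(password, salt))

    def change_password(self, session_user, form):
        """Handle a password-change form for the already logged-in user.

        The session only proves that the request came from the user's
        browser; script injected into a page can submit this form too.
        The current password is the one value such a request does not have.
        """
        current = form.get("current_password", "")
        new = form.get("new_password", "")
        if not new or not self.check(session_user, current):
            return False
        salt = os.urandom(16)
        self._users[session_user] = (salt, hash_password(new, salt))
        return True
```

This stops forged submissions only; as the message notes, script that can rewrite the page's form can still capture a password the user types, so the injection itself has to be fixed as well.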
    



    This archive was generated by hypermail 2b30 : Wed Mar 20 2002 - 21:01:36 PST