Paper: The XSS Epidemic: Tools for discovery and remediation

Written by Russ McRee,

Tuesday, 29 April 2008

Russ's latest toolsmith column for ISSA Journal is a very interesting read about cross-site scripting.


Paper: XSS Vulnerabilities in Common Shockwave Flash Files

Written by Rich Cannings, Google Security Team

Friday, 18 April 2008

Technical information about cross-site scripting vulnerabilities in SWF files.


Paper: Defend Against Black Hat SEO: Your Web Host Can Help

Written by Frederick Townes,

Friday, 11 April 2008

This great article gives insight into ways to defend against Black Hat SEO and what black hat SEOs can achieve when your website is vulnerable to cross-site scripting.


Paper: How to Fix a XSS Vulnerability in PHP Source Codes

Written by Langy,

Friday, 28 March 2008

Langy explains very well how to fix XSS vulnerabilities using htmlentities, htmlspecialchars and stip_tags PHP functions. Plain and simple ways that fix 99% of XSS vulns.


Paper: Cross Site Scripting - Attack and Defense Guide

Written by Xylitol,

Tuesday, 26 February 2008

An article about the basics of cross-site scripting.


Paper: In-Depth Analysis of Yahoo! Authentication Schemes

Written by SlicK,

Sunday, 6 January 2008

SlicK from Romanian Security Team, has written a very interesting paper about the way Yahoo! authenticates their users. Provides and in-depth analysis and explanation of Yahoo! cookies. It also includes the PHP code of the "yahoo64" algorithm.


1 2 3 4 5 


45884 total xss
14724 special xss
3026 fixed
5328 xss onhold
2913 EW subscribers

Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.