Network World

The what, who, when, where, why and how of XSS

JavaScript uses DOM, a hierarchical, object-oriented model, to map the elements within a Web page. DOM-based XSS attacks exploit the trust relationships in the DOM model. Once elements are parsed by ...
Dark Reading

Researcher Details New Class Of Cross-Site Scripting Attack

A new type of cross-site scripting (XSS) attack that exploits commonly used network administration tools could be putting users' data at risk, a researcher says. Tyler Reguly, lead security research ...