On Thu, 27 Jul 2006 09:33:50 +0800
"Rick Zhong" <sagiko@gmail.com> wrote:
My question is if the user inputs are not displayed to any other users
ANYWHERE in the application, what's the impact of this XSS
vulnerability? Or are we still consider this as an XSS vulnerability?
Can malicious intruders still take advantage of this?
Yes, it is still considered XSS by many (most?). It's usually only a real
problem if the XSS is exploitable pre-authentication. If it is a pre-auth XSS,
an attacker can use a phishing scenario to collect valid login credentials.
This attack is greatly aided when the site also has SSL, as the user will be
able to verify that they are indeed talking to https://www.theirrealbank.com...
but the content of the page will be controlled by the attacker through the
pre-auth XSS.
There are likely other bad scenarios, but that's the one I usually think of
when I see it.
Robert
--
Robert E. Lee
Chief Security Officer
http://www.outpost24.com
phone: (949) 394-2033
fax : +46-(0)455-13960
email: robert@outpost24.com
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------
