Cross-site scripting goes primetime

Cross-site scripting attacks are hitting major websites, including MySpace, YouTube, and even venerable oldies like MSN, Dell, and Apple.

XSS attacks were long a tool of cute little script kiddies who malformed sites for the joy of their cute little friends. As a result, some still question how big the threat really is.

Just when you get complacent, someone is going to figure out how to make money from a vulnerability. Then shit hits the fan, and a bunch of overpriced consultants run in to save the day while someone’s multi-million a year ecommerce site flails, frames displaying Winnie-the-Pooh notwithstanding.

XSS, welcome to the corporate world.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.