Guest Kabron Posted January 5, 2011 Report Share Posted January 5, 2011 In his demonstration at 7Safe’s IT Security Knowledge Share Evening, Consultant, Aleksander Gorkowienko showed the audience a real life exploitation scenario of XSS flaw which is one of the vulnerabilities most frequently found during everyday penetration testing. The live demo illustrated how an attacker may exploit Persistent Cross-Site Scripting flaw, steal a user’s cookie then takeover his session and access sensitive information (e.g. bank statements).Video : Penetration Testing: Cross-Site Scripting Explained – 7Safe, Aleksander Gorkowienko Quote Link to comment Share on other sites More sharing options...
