XSS - inject code into a form field or some other part of the system that displays user output, via a spurious email, a link on another site, a hidden wrapped frame, another user's account (for things like Myspace or other community sites that display user input) etc. It's the usual case of ensuring user input is cleaned where necessary.
http://en.wikipedia.org/wiki/Cross_site_scripting On 5/15/07, Claude Schneegans <[EMAIL PROTECTED]> wrote: > >>it's really unlikely that anyone will succeed. > > Ok, but how could he even try? -- mxAjax / CFAjax docs and other useful articles: http://www.bifrost.com.au/blog/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJQ Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:278104 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
