On Fri, 20 Feb 2009 12:36:32 +0100, David Gerard <dger...@gmail.com> wrote:
http://research.zscaler.com/2009/02/practical-example-of-cssqli-using.html http://it.slashdot.org/article.pl?sid=09/02/19/2055210
The subject line is rather misleading. It should be pretty clear that if a website is hacked in some way (e.g. XSS) data is exposed to the attacker. This is nothing new however.
-- Anne van Kesteren http://annevankesteren.nl/