[VIM] NIST.org - XSS Hall of Shame (fwd)
security curmudgeon
jericho at attrition.org
Mon Nov 20 15:48:31 EST 2006
On the topic of site specific vulnerabilities.. this list is interesting.
Not only the size of the list, but the fact that NIST is publishing it and
acting as a watchdog of sorts.
---------- Forwarded message ----------
http://www.nist.org/nist_plugins/content/content.php?content.61
"The web domains below have all been identified as having XSS
vulnerabilities. They are listed here as a public service to promote a
prompt resolution to the problem. XSS hurts others, not the sites or
companies listed here. If the problem has been fixed we will note it as
such, if new vulnerabilities are found a new entry will be added. We do
not indicate what page or module on the server is vulnerable and we do not
include example code as we do not wish to encourage phishing attacks."
More information about the VIM
mailing list