[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] citibank XSS?

From: Thierry Zoller <Thierry@xxxxxxxxx>
Subject: Re: [WEB SECURITY] citibank XSS?
Date: Tue, 25 Jul 2006 18:07:48 +0200

Dear Brian Eaton,


BE> I thought the citibank attack was MITM, no XSS involved.  Am I wrong
BE> on that?  Was XSS used as well?
AFAIK, XSS had no immediate impact on the MITM scenaria, if XSS played
a role _at all_. Sounds like a lot of BS.

-- 
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45  2E57 28B3 75DD 0AC6 F1C7


----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Follow-Ups:
- Re: [WEB SECURITY] citibank XSS?
  - From: Jeremiah Grossman

References:
- [WEB SECURITY] citibank XSS?
  - From: Brian Eaton

Prev by Date: [WEB SECURITY] citibank XSS?
Next by Date: Re: [WEB SECURITY] citibank XSS?
Previous by thread: [WEB SECURITY] citibank XSS?
Next by thread: Re: [WEB SECURITY] citibank XSS?
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site