On-site request forgery

PortSwigger (http://www.blogger.com/profile/04744809054520271899)
Published 2007-05-03T07:09:00.000Z, updated 2007-05-03T09:30:26.861Z

Request forgery is a familiar attack payload for exploiting stored XSS vulnerabilities. In the MySpace worm, Samy placed a script within his profile which caused any user viewing the profile to perform various unwitting actions, including adding Samy as a friend and copying his script into their own profile. In many XSS scenarios, when you simply wish to perform a particular action with different