60
Cross Site Scripting (CSS, XSS)
•Target:
steal client cookies, impersonate/session hijacking, loss of privacy
•How: Usually
in parameter values, sometimes in path, and even in Referer
•Log manifestation: HTML tags in path/parameter value/Referer
•Variations:
–<script>...</script>
–<TAG ... javascript:...> (TAG=IMG, DIV, ...)
–<TAG ... &#nnn ... &#xHH ...>
–“> (or ‘>) followed by above
–“ style=background:url(javascript:...)
–“ onerror=...
–etc. etc. etc.
•False alarms: not likely