Cross Context Scripting with Firefox
Page 1 of 1
Cross Context Scripting with Firefox
Cross Context Scripting (XCS) is a term coined for a browser based content injection in the Firefox chrome zone.This term was originally used by researcher Petro D. Petkov (pdp),when David Kierznowski found a vulnerability in the Sage RSS Reader Firefox extension1. XCS injection occurs between different security zones,an untrusted and a trusted zone.The untrusted zone is not trusted by the browser - this can be an Internet page located on a remote server,for example.Firefox also has a trusted zone,named Chrome. Chrome allows extensions to access and interface with core components of Firefox,such as XPCOM.In this manner,extensions can provide extra functionality to the user and extend the web browsers capability.
Download PDF
Download PDF
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics
» Cross Site Scripting (XSS) at User-Agent
» Cross-Site Scripting Still Most Common Web Vulnerability
» Webmatic 3.0.3 Multiple cross.site scripting
» XSS-Proxy Cross Site Scripting Attack Tool
» XSS (Cross Site Scripting) Prevention Cheat Sheet
» Cross-Site Scripting Still Most Common Web Vulnerability
» Webmatic 3.0.3 Multiple cross.site scripting
» XSS-Proxy Cross Site Scripting Attack Tool
» XSS (Cross Site Scripting) Prevention Cheat Sheet
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|