计算机网络技术

Web News, Technology, Science, etc

网络技术是从1990年代中期发展起来的新技术,它把互联网上分散的资源融为有机整体,实现资源的全面共享和有机协作,使人们能够透明地使用资源的整体能力并按需获取信息。

白帽子计算机安全:

Two of Mozilla’s Cross Reference sub-domains suffer from a cross-site scripting (XSS) vulnerability, according to Wang Jing, a mathematics PhD student from School of Physical and Mathematical Science, Nanyang Technological University, Singapore. 
 
  Mozilla are dealing with the vulnerabilities. 
 
Wang said “This means all URLs under the above two domains can be used for XSS attacks targeting Mozilla’s users,” 
 
A reflected XSS attack is typically delivered via email or a neutral web site. The bait is an innocent-looking URL, pointing to a trusted site but containing the XSS vector. If the trusted site is vulnerable to the vector, clicking the link can cause the victim's browser to execute the injected script. 



Details:

http://www.hotforsecurity.com/blog/cross-site-scripting-vulnerability-in-mozillas-cross-reference-sub-domains-10607.html



评论

热度(23)