Submitted by Ofer Shezaf on 13 January 2009 - 9:11am
A recent post in the ModSecurity mailing list prompted me to discuss a prevailing misconception regarding XSS protection. The poster requests a ModSecurity rule to block several HTML tags include "<li>" and "<marquee>".
Submitted by Ofer Shezaf on 3 September 2007 - 3:38pm
XSS has dominated the Web Hacking Incidents Database statistics page since its inception. The immediate conclusion it that XSS is the most dangerous of them all. Is that so? or is it just a common research error?
