-
New IE vulnerability !!!
A malicious user can create a form which is submitted by the victim (automatically using Active Scripting or manually using Social Engineering). This form can cause a non-HTTP service to echo back JavaScript commands which in turn allow the malicious user to steal the cookie for that domain. There are more uses for this attack, other than just stealing cookies.
Read more at www.xatrix.org
Thanks !!!
-
seems very similiar to the hotmail hack using javascript that requested users to re-enter uid and pass. . .
-
didn't you already post this somewhere else? and one more thing, why do you always cut & paste from xatrix?