Hey Hey,

This is actually from an older blog post that I wrote. To give you a small portion of the difference between Local and Remote vulns and my feelings, I'll quote part of it... but I'd appreciate it if people read the post and the comments... I think this could turn into a rather interesting discussion point...

Local Vulnerability: A vulnerability affecting a client, generally you can think of this as falling into two types. Type 1 is physical access required and Type 2 is user interaction required.

Remote Vulnerability: A vulnerability affecting a remotely available service, or something available via that service.

So... Is XSS a local or a remote? I'll tell you that I'm fairly close-minded on this topic, so unless you've got a fairly compelling reason to argue it's a local, I'll most likely disagree. My answer is remote. Why? The XSS exists in a web page. The web page is hosted on a web server and is remotely available. To me that makes sense, I'm not sure that it can really be disagreed with. An argument for XSS being considered a local is that the client is affected... this seems to make sense. You visit a web page and a pop-up containing 'XSS' suddenly shows up but sit down and consider what happens.
Peace,
HT