If you ever wanted to know how cross-site scripting works, look no further. The video was created by Aleksander Gorkowienko, a database and application security expert with the company 7safe.
In “Cross-Site Scripting Explained”, Aleksander simulates an XSS attack against a fictitious online financial company. He demonstrates how a hacker could jump from one authenticated user (using a password and a PIN) to another using PHP Session cookies.
This demonstrates why it is important to test web applications for vulnerabilities like XSS. The video is definitely a must see!
For more information, check out Aleksander’s website IT Security Lab.