23 Sep
2001
23 Sep
'01
5:23 p.m.
Example: http://www.zope.org/Documentation/<SCRIPT>alert(document.domain)</SCRIPT> http://www.zope.org/lalalalal<SCRIPT>alert(document.domain)</SCRIPT> http://www.zope.org/<SCRIPT>alert(document.cookie)</SCRIPT> For example, an attacker might post a message like Hello message board. This is a message. <SCRIPT>malicious code</SCRIPT> This is the end of my message. When a victim with scripts enabled in their browser reads this message, the malicious code may be executed unexpectedly. Scripting tags that can be embedded in this way include <SCRIPT>, <OBJECT>, <APPLET>, and <EMBED>.