Why XSS Vulnerabilities Do Matter…

“What matters in the end is that these products aren’t â€Å”defective” and not even truly insecure. They’ve been modified the way the language allows for them to be modified, no more no less.” – http://neosmart.net/blog/archives/194 I really like to temper my posts with politeness and general levels of respect, but I simply cannot in this case. Neosmart.com’s objections that XSS really is not a vulnerability are both ludicrous and dangerous. First, the insinuation above that states “they have been modified the way the language allows for them to be modified” is true, but is certainly not an accurate measure of vulnerability. Any language can be exploited if...