Рет қаралды 57,174
In this video we talk about the first JavaScript vulnerabilities in 1997, and how the field was dominated by three "XSS" legends.
Bugtraq 1997 - LoVerso: seclists.org/bugtraq/1997/Jun/88
LoVerso Website: web.archive.org/web/199706071...
LoVerso dir.html PoC: web.archive.org/web/199706071...
Tasty Bits from the Technology Front: web.archive.org/web/199708032...
TBTF about Netscae 2.0b3: web.archive.org/web/199708032...
Scott Weston on TBTF: web.archive.org/web/199708032...
Bugtraq about Bug Bounty 1995: seclists.org/bugtraq/1995/Oct/12
Episode 01: • The Same Origin Policy...
Episode 03: • The Age of Universal XSS
Episode 02:
00:00 - Intro
00:45 - First JavaScript Vulnerability
02:00 - John Robert LoVerso
03:19 - First Directory Browse Vulnerability
04:16 - Comparison to My Exploit
05:13 - John Tennyson
05:44 - Tasty Bits from the Technology
06:16 - Netscape's Bug Bounty
06:48 - Scott Weston history stealing
08:12 - The Three Legends of JavaScript Security
08:59 - The Year 1996
09:31 - JavaScript can't claim to be secure
10:25 - ECMAScript: JavaScript Specification
11:13 - Next Episode Teaser
=[ ❤️ Support ]=
→ per Video: / liveoverflow
→ per Month: / @liveoverflow
=[ 🐕 Social ]=
→ Twitter: / liveoverflow
→ Instagram: / liveoverflow
→ Blog: liveoverflow.com/
→ Subreddit: / liveoverflow
→ Facebook: / liveoverflow