ZeroBin XSS Vulnerability Patched in 0.19

Sébastien Sauvague has just informed me that he has released Version 0.19 to address the Cross-Site Scripting vulnerability that I wrote about in my previous blog post. You can find it at https://github.com/sebsauvage/ZeroBin/releases/0.19 Websites that host the ZeroBin software should update to this latest version.  Although the more modern browsers may mitigate … Continue reading

ZeroBin as a XSS Attack Platform

What if you could have hundreds of websites from which to launch an encrypted cross-site-scripting attack? What if the webservers could store the XSS attack code for you but could not decrypt it? What if the encrypted code could be set to expire after a set time or immediately after … Continue reading

  • The postings and views on this site are my own and do not necessarily reflect the positions, strategies, or opinions of any current or previous employer.