What is cross-site scripting (XSS)? Low-hanging fruit for both attackers and defenders
October 4, 2005, dawned cold and clear–somewhere in the world, anyway. Bleary-eyed MySpace users woke from their slumber to log onto the world’s dominant social media platform, eager to friend new people. People like Samy Kamkar. So eager for friends was Samy he dropped a cross-site scripting (XSS) exploit into his MySpace profile.