Advanced cross site scripting and client automation

[Free CISSP Exam Study Guide] Get expert advice that will help you pass the CISSP exam: sample questions, summaries of all 8 CISSP domains and more!

This paper discusses one method of exploiting POST variables vulnerable to cross site scripting and secured areas protected by a temporary session. Following a natural progression of the method of exploitation I arrived at client automation, the forcing of a client to submit a form in effect allowing an attacker to change settings for a client.

Download the paper in PDF format here.