Cross-site tracing
This article needs additional citations for verification. (July 2007) |
In web security, cross-site tracing (abbreviated "XST") is a network security vulnerability exploiting the HTTP TRACE method.
XST scripts exploit ActiveX, Flash, or any other controls that allow executing an HTTP TRACE request. The HTTP TRACE response includes all the HTTP headers including authentication data and HTTP cookie contents, which are then available to the script. In combination with cross domain access flaws in web browsers, the exploit is able to collect the cached credentials of any web site, including those utilizing SSL.
External links
See what we do next...
OR
By submitting your email or phone number, you're giving mschf permission to send you email and/or recurring marketing texts. Data rates may apply. Text stop to cancel, help for help.
Success: You're subscribed now !