HighEdWeb2008 Conference: Infinite Solutions

Session Details

Cross-Site Scripting: What is it, and how can you protect your site from becoming a victim?

TPR5 Technical: Propeller Hats Required Track

Plaster Student Union 317


Cross-site scripting (also referred to as XSS) is currently the number one form of Web attack. From Google to the websites of Obama and Clinton, it seems that no one is immune to attack. In this presentation we’ll explore what cross-site scripting is and how an attack occurs, as well as demonstrate a live exploit. We’ll then discuss why cross-site scripting can be damaging for a website, and we’ll look at methods one can use to prevent a cross-site scripting attack.


Paul Gilzow
Programmer/Analyst-Expert, University of Missouri

Paul Gilzow has been a Web applications programmer for the University of Missouri for the past five years. He currently works for the department of Web Communications. Certified by the SANS Institute in Web Application Security (GWAS), Gilzow frequently works with the campus IT security department to deliver presentations on Web application security topics to fellow developers on campus.