With Cross Site Scripting (XSS) the focus changes away from server attacks to user attacks facilitated by the server. This podcast covers the issues involved and additional show notes will be coming shortly.

While your waiting, here is a great resource.

http://www.cgisecurity.com/articles/xss-faq.shtml

 

 Standard Podcast [35:26m]: Play Now | Play in Popup | Download