Hi Francisco, It would have been cool to mention Microsoft SharePoint as an example of a popular file sharing system that allows persistent XSS through shared HTML files. i.e.: https://moss.company.foo/_catalogs/users/Attachments/<userID>/evil.html https://moss.company.foo/<siteName>/<SectionName>/evil.html Where 'evil.html' would be a page containing JavaScript. i.e.: <html> <body> <script> alert(document.domain) </script> </body> </html> Thanks for your paper btw. fcorella@xxxxxxxxxx wrote: > Hello, > > I wanted to announce a Pomcor white paper that > looks at attacks through HTML shared files in Web > applications and proposes a countermeasure. These > are essentially XSS attacks, but the usual > defenses against XSS are typically not available, > because shared files cannot be sanitized. > > The paper is available at: > > http://www.pomcor.com/whitepapers/file_sharing_security.pdf > > I have not been able to find much prior work. > What I've found is discussed in Section 2 of the > paper. If I've missed something, please let me > know. > > Thanks, > > Francisco Corella > > > > > ---------------------------------------------------------------------------- > Join us on IRC: irc.freenode.net #webappsec > > Have a question? Search The Web Security Mailing List Archives: > http://www.webappsec.org/lists/websecurity/archive/ > > Subscribe via RSS: > http://www.webappsec.org/rss/websecurity.rss [RSS Feed] > > Join WASC on LinkedIn > http://www.linkedin.com/e/gis/83336/4B20E4374DBA > -- Adrian P. | Senior IT Security Consultant | DDI: +44 (0)207 307 5026 | PGP Key ID: 0x06E653A6
