http://qs1969.pair.com?node_id=146949

A new article on www.perl.com talks about the new mod_perl module Apache::TaintRequest and how to use it against cross-site scripting attacks.

What is Cross Site Scripting?
From the article:

Instead of targeting holes in your server's operating system or web server software, the attack works directly against the users of your site. It does this by tricking a user into submitting web scripting code (JavaScript, Jscript, etc.) to a dynamic form on the targeted web site. If the web site does not check for this scripting code it may pass it verbatim back to the user's browser where it can cause all kinds of damage.



grep
grep> rm -f /bin/laden