This is a discussion on Re: CSRF (Was: XSS evasion) - modperl ; Jonathan Vanasco wrote: > > Unfortunately, Amit Klein published some research in July that > > demonstrated how to do this with Flash. So, if your users use > > clients that support Flash (which most do), this is not ...
Jonathan Vanasco wrote:
> > Unfortunately, Amit Klein published some research in July that
> > demonstrated how to do this with Flash. So, if your users use
> > clients that support Flash (which most do), this is not a good
> > safeguard.
>
> Do you have a link to that?
http://webappsec.org/lists/websecuri.../msg00069.html
Chris
--
Chris Shiflett
http://shiflett.org/
