Build AI Apps with Azure, Copilot, and Generative AI — Microsoft Certified
Learn AI, Data Science & Business — Earn Certificates That Get You Hired
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore advanced web security threats in this 49-minute Hack in Paris conference talk. Delve into sophisticated attacks that bypass traditional cross-site scripting (XSS) protections and JavaScript-based security measures. Discover how attackers can exploit markup tricks to steal sensitive data, including plain-text passwords and CSRF tokens, without executing any JavaScript. Learn about self-spying emails and other malicious techniques that operate beyond the scope of conventional anti-XSS solutions. Gain insights into why disabling scripts and eliminating XSS may no longer provide adequate protection against these emerging threats.
Syllabus
Mario Heiderich Got Your Nose How to Steal Your Precious Data Without Using Scripts
Taught by
Hack in Paris