Here's one more trick up hackers' sleeves
Whereas buffer overflows offer malicious users a way to take control of your computer, XSS rarely causes your system to be hijacked. Rather, XSS is an indirect way for a malicious attacker to fool you into revealing personal information, or exploiting a secondary vulnerability on your desktop browser or within a Web site's server.
XSS allows malicious users to hijack your Web-based e-mail accounts, manipulate your customer settings on a site, or steal information sent in cookies, which may include your bank account, credit card, or Social Security number.
[ Read more ]