Forgot your password?

Comment: Re:With all due respect (Score 1) 167

by rehashed (#15902969) Attached to: How to Crack a Website - XSS, Cookies, Sessions

The only reason he needed to "phish" was that this site had a maxlength on the relevant textbox

What on EARTH are you talking about?
So now we are expecting users to type in the relevant Javascript to perform the XSS themselves?
Or are we now performing XSS via XSS, which would depend entirely on guessing whether or not your target had an account, and intended to log in at said web-application before session timeout...
Geez, get a clue!

"How to make a million dollars: First, get a million dollars." -- Steve Martin