2nd CISTI and XSS

Just submmited a 8 page paper for the CISTI (2nd Iberian Conference on Information Systems and Technologies). The paper is called "Security enhancement in a WebGIS application". Basically it describes Chroot, Firewalls (IPtables), Injection prevention of tags/scripts, HTTPS redirection and error message blocking, in a Mapserver system.

Yesterday I was reading on the tech news that 7 out of 10 sites allow XSS attacks (cross-site scripting) were you can for example send SQL tags in the URL (GET) and do some real shit.