http://blogs.msdn.com/dross/archive/2008/03/10/xss-focused-attack-surface-reduction.aspxAll web browsers expose what have been referred to as XSS “attack vectors” – various techniques that XSS attacks can leverage to achieve script execution. The best and most well regarded list of these behaviors is RSnake’s XSS Cheat Sheet . The existenceen-USCommunityServer 2.1 SP1 (Build: 61025.2)http://blogs.msdn.com/dross/archive/2008/03/10/xss-focused-attack-surface-reduction.aspx#8366228Mon, 07 Apr 2008 22:15:16 GMT91d46819-8472-40ad-a661-2c78acb4018c:8366228ha.ckers.org web application security lab - Archive &raquo; IE8.0 US-ASCII and Other Stuff<p>PingBack from <a rel="nofollow" target="_new" href="http://ha.ckers.org/blog/20080407/ie80-us-ascii-and-other-stuff/">http://ha.ckers.org/blog/20080407/ie80-us-ascii-and-other-stuff/</a></p> http://blogs.msdn.com/dross/archive/2008/03/10/xss-focused-attack-surface-reduction.aspx#8681607Wed, 02 Jul 2008 19:04:06 GMT91d46819-8472-40ad-a661-2c78acb4018c:8681607IEBlog<p>Hi, I'm David Ross, Security Software Engineer on the SWI team. I’m proud to be doing this guest post</p> http://blogs.msdn.com/dross/archive/2008/03/10/xss-focused-attack-surface-reduction.aspx#8687753Fri, 04 Jul 2008 10:25:34 GMT91d46819-8472-40ad-a661-2c78acb4018c:8687753random dross<p>It's great to see some positive reaction to the potential of our XSS Filter. Now we just need to deliver!</p> http://blogs.msdn.com/dross/archive/2008/03/10/xss-focused-attack-surface-reduction.aspx#8884045Thu, 21 Aug 2008 11:34:41 GMT91d46819-8472-40ad-a661-2c78acb4018c:8884045Ruud de Jonge<p><a rel="nofollow" target="_new" href="http://blogs.technet.com/swi/archive/2008/08/19/ie-8-xss-filter-architecture-implementation.aspx">http://blogs.technet.com/swi/archive/2008/08/19/ie-8-xss-filter-architecture-implementation.aspx</a> Recently</p>