Simon Willison’s Weblog

Mozilla causing XSS in Livejournal. Their recent worm attack was caused by the -moz-binding CSS property.

Posted 22nd January 2006 at 9:37 pm

Recent articles

Cooking with Claude - 23rd December 2025
Your job is to deliver code you have proven to work - 18th December 2025
Gemini 3 Flash - 17th December 2025

css 230 livejournal 9 mozilla 114 security 570 xss 60

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe