Simon Willison’s Weblog

Why are XSS attacks spreading like fire these days?

My answer to Why are XSS attacks spreading like fire these days? on Quora

XSS attacks are common and easy, and crop up all the time. What’s new is that the number of people who are aware of the potential for XSS worms has increased hugely, so when an XSS does crop up in something popular there’s a much higher chance of someone turning it in to a worm (as happened with Twitter the other day).

The story of the MySpace XSS worm from a few years ago is always fun to read: http://namb.la/popular/