

HTTP Status Code XSS - jagracey
http://tools.seobook.com/server-header-checker/?url=security.gracey.ca

======
jagracey
Approximately 3/4 of the top 30 status code checking tools are all vulnerable
against basic XSS. Thought I'd share this rather fun method. Checkout "netcat
security.gracey.ca 1500" for details.

------
general_failure
Always sanitize your input, people.

