Computerworld

IE URI encoding behavior facilitates XSS attacks, researchers say

An inconsistency in how Microsoft’s Internet Explorer (IE) encodes double quotes in URIs (uniform resource identifiers) can facilitate cross-site scripting (XSS) attacks, researchers from security ...
CRN

Google Desktop Vulnerability Fixed

Google Desktop, which extends Google's Web search and indexing functions to local PC hard drives, is susceptible to a cross-site scripting attack (XSS) because of its failure to properly encode output ...