Kishor Datar, a graduate student and research assistant with ebiquity research lab in UMBC gave a talk on Cross Site Scripting (XSS) attack. He also talked about PHPIDS, an intrusion detection system that can help prevent this attack.
He gave a very good overview on XSS and PHPIDS.
Since all organizations have web presence today, security of the web applications is important. There is a variety of attacks (Cross Site Scripting (XSS), SQL injection, Command Injections, Forced Browsing etc.) that can be launched against web applications which we need to be aware of. In this talk, I will cover Cross Site Scripting. I will also cover a slightly advanced version of XSS, tools you could use to learn more about XSS, tools that you can use to test your web applications for vulnerabilities. I will also briefly talk about PHPIDS, an IDS written in PHP that helps prevent some of these attacks. Later in the talk, I will cover few interesting hacking techniques that have been newly discovered.
You can grab the slides of the talk here.