Steve Jones - SSC Editor (8/12/2013)

---

OCTom (8/12/2013)

---

I may need some educating here. But, is the article Denny Cherry referenced really discussing a SQL injection? It was injecting malicious Javascript to a web page. It seems to me that's different than a SQL injection.

The JS is injected into the database. It's spread the next time a dynamic version of a page is rendered. At least, that's my understanding and how I've seen things spread before.