Self XSS, but Useful
Details
Ben says: 'While testing a web app used by multiple groups, the question came up "can members of group A attack members of group B?" It took some serious tinkering, but by chaining the otherwise useless (but widespread) exploits of self-XSS and login-CSRF, an attack was found. This talk (and demo!) details the necessary components, how they work, and how they come together to cross "group boundaries" on websites. While the talk will be highly technical, terms and techniques will be explained and should be approachable by anyone who has logged into a website before.'
And Tracy from Checkpoint will be bringing some snax, so come hungry and ready to learn.


