In this section, we'll cover the most epic, the most egregious, the most utterly bewildering XSS bloopers.
When you forget to check for reference errors in your JavaScript, this is what you get.
Injecting SQL into your website's database? That's just the tip of the bloop.
Cross-Site Request Forgery, because who needs security, anyway?
The mother of all bloopers, because who needs a secure website?
Inclusion of remote files? Sounds like a good idea, until it's not.
Twice the bloop, half the fun.