Palisade Magazine

XSS seems to be totally out of place here. According to your own definition a backdoor is "s a secret or unauthorized channel for accessing computer system". XSS is just a way (attack vector) for propagating certain malicious content to other users of the website. XSS can be used to steal (say) authentication credentials but the attacker would has to use these credentials through the "frontdoor" only... no sneaking in through any backdoor for him.

XSS could be classified as a (way of delivering a) trojan but definitely not as a backdoor.

After going through your article"Backdoors and Trojans in Applications".I realized , you havent mentioned anything about torjans...and moreover..I dont agree with your fact that Buffer overflow,cross-site scripting or the troubleshooting are that common backdoor creator..When we talk about backdoors with respect to torjans.we talk about how torjans can be used to establish a backdoor..Torjans such as netbus..and all..and torjans can be sent to any machine by binding with with a program..or downloading mallicous softwares..