Cross Site Tracing
This type of attack can occur when the there is an XSS vulnerability and the server supports HTTP TRACE.
Avoidance and mitigation
- Disable HTTP Trace on your web server
- Prevent any XSS on your web site
Examples and References
- Cross-Site Tracing (XST): http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf