Cross-site scripting using meta information
In a blog entry, Reguly points out that this type of XSS attack is not novel and, for whois services, has already been described on security forums. He nonetheless considers it important that this information is disseminated and that developers and administrators in particular are aware of the issue. Consequently he has put together a presentation (direct download) containing specific examples.
Many other services could be vulnerable to this type of attack in principle. The problem also occurs with many other pieces of meta information which an attacker is able to define and which are queried by a service. This includes HTTP server headers and SMTP server banners.
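The rendering problem described above, as an added example that is not taken from the article or from Reguly's presentation: a lookup service that prints remote meta information into an HTML report, first pasted in unchanged and then escaped. The function names, field labels and sample values are constructed for illustration.

```python
import html

# Constructed sample: values as a lookup tool might receive them from remote
# systems. Each one is chosen by whoever operates the queried host or record.
SAMPLE_METADATA = {
    "HTTP Server header": "Apache/2.4 <script>alert(1)</script>",
    "SMTP banner": '220 mail.example.test ESMTP "><img src=x onerror=alert(1)>',
    "whois registrant": "Example Org & Co.\r\n",
}


def render_unsafe(metadata):
    """Weak form: remote values are pasted into the page unchanged."""
    rows = "".join(
        f"<tr><th>{k}</th><td>{v}</td></tr>" for k, v in metadata.items()
    )
    return f"<table>{rows}</table>"


def sanitize_value(value, max_len=256):
    """Drop non-printable characters, cap the length, then HTML-escape."""
    printable = "".join(ch for ch in value if ch.isprintable())
    # quote=True also escapes " and ', so the result is safe in attributes.
    return html.escape(printable[:max_len], quote=True)


def render_safe(metadata):
    """Corrected form: every remote value is treated as untrusted text."""
    rows = "".join(
        f"<tr><th>{html.escape(k)}</th><td>{sanitize_value(v)}</td></tr>"
        for k, v in metadata.items()
    )
    return f"<table>{rows}</table>"


def fields_with_markup(metadata):
    """Detection helper: list fields whose value contains angle brackets,
    so the service can log that a remote system returned markup."""
    return [k for k, v in metadata.items() if "<" in v or ">" in v]


if __name__ == "__main__":
    print(render_safe(SAMPLE_METADATA))
    print("flagged:", fields_with_markup(SAMPLE_METADATA))
```

Escaping is applied at output time because the same value may also be stored or logged, and each of those sinks needs its own encoding.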