This may be in the "dumb questions category." But I was wondering if it would be possible to use Firebug to create an XSS attack. It seems to be possible but only in the trivial case of disclosing the attackers information only.
But I was wondering if anyone could see a way to make a non-trivial attack. And how would one defend against such?