VIDEO: How Cross-Site Scripting (XSS) Works

XSS vulnerabilities (Cross-Site Scripting vulnerabilities) are often overshadowed by their big cousin, the infamous SQL Injection. This does not make them any less effective or deadly. XSS and SQL Injection attacks are similar in the way they inject malicious code. The difference is that an…

Read more

20 high profile sites vulnerable to XSS attacks

On Thursday morning a post appeared on the popular Full Disclosure Internet discussion group listing XSS vulnerabilities in no less than 20 high profile websites. Amongst the vulnerable are McDonalds, IEEE Explore, Harvard University, and energy.gov. The vulnerabilities were discovered by a hacker who goes…

Read more

Preventing XSS Attacks

Cross Site Scripting (XSS) attacks are amongst the most common types of attacks against web applications. XSS vulnerabilities all fall under the same category, however, a more detailed look at the techniques employed during XSS attacks reveals a multitude of tactics that exploit a variety…

Read more