Home » Story links » Param's story links

Automating web application security testing

Link: http://googleonlinesecurity.blogspot.com/2007/07/automating-...
Points: 400 views User: Param Comments: 1 Comments Tag:

Cross-site scripting (aka XSS) is the term used to describe a class of security vulnerabilities in web applications. An attacker can inject malicious scripts to perform unauthorized actions in the context of the victim's web session. Any web application that serves documents that include data from untrusted sources could be vulnerable to XSS if the untrusted data is not appropriately sanitized. A web application that is vulnerable to XSS can be exploited in two major ways.


Email: Email this Story to a Friend

I had high expectations as

Submitted by Param on Tue, 2007-07-17 13:52.

I had high expectations as this was from Google security blog, however its just a recap of 2004 year information.... Seems like they have a lot of catching up to do ;)

»

Post new comment

  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <h1> <quote> <img>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Copy the characters (respecting upper/lower case) from the image.