XSS, CSRF & Other Vulnerabilities in CubeCart Web Application
This article explains in detail the various vulnerabilities Netsparker’s security researchers identified in CubeCart, an open source ecommerce solution.

Preventing Cross-site Scripting Vulnerabilities When Developing Ruby on Rails Web Applications
This article uses examples to explain how to develop secure web applications in Ruby on Rails that are not vulnerable to cross-site scripting.

Steam Gaming & Entertainment Platform Vulnerable to Cross-site Scripting Vulnerability
This article looks into the technical details of the cross-site scripting (XSS) vulnerability that affected the Steam entertainment platform. It also explains how attackers could exploit this vulnerability.

An XSS Vulnerability is Worth up to $10,000 According to Google
Google are willing to pay up to $10,000 to anyone who discovers a cross-site scripting vulnerability in one of their web applications. Why are Google doing so? Definitely not by coincidence. By exploiting a cross-site scripting vulnerability, a malicious hacker can easily gain administrative access to a web application, gain control over it and, where possible, infiltrate deeper into the corporate network. Read this blog post for more information about the impact an exploited XSS can have on your business.

Web Application Security Misconception; Are All Vulnerabilities Equally Dangerous?
In this web application security blog post, Robert Abela talks about a common misconception in the web security industry: are all vulnerabilities equally dangerous? Abela explains and addresses this misconception using an example with two of the most popular web application vulnerabilities typically listed in the OWASP Top 10: cross-site scripting (XSS) and SQL injection.