Thursday, October 10, 2013

How to Prevent Cross-Site Scripting Attacks

Cross-site scripting (XSS) is one of the most dangerous and most often found vulnerabilities related to web applications. Security researchers have found this vulnerability in most of the popular websites, including Google, Facebook, Amazon, PayPal, and many others. If you look at the bug bounty program closely, most of the reported issues belong to XSS. To prevent cross-site scripting, browsers also have their own filters, but security researchers always find ways to bypass those filters. This vulnerability is generally used to perform cookie stealing, malware spreading, session hijacking, and malicious redirection. In this attack, the attacker injects malicious JavaScript code into the website so that the browser executes the script and performs action as commanded by the attacker in the script. The vulnerability is easy to find but hard to patch. This is why it can be found in any website if you try.
In this post, we will see what a cross-site scripting attack is and how to create a filter to prevent it. We will also see few open source libraries that will help you in patching Cross-site Script vulnerability in your web application.
=> Read More

1 comment:

  1. Thanks a lot for sharing such a detailed Website with more knowledge.I want to learn Cyber Security and Malware Analysis.So What are some good, free resources to learn?


Support : Relax Viet
Copyright © 2013. Security24h - All Rights Reserved
Design by Namkna
Best View Resolution 1024 x 768 pixel