Tags » Cross-site Scripting

Security threat - Broken authentication & session management

Application functions related to authentication and session management are often not implemented correctly, allowing attackers to compromise passwords, keys, or session tokens, or to exploit other implementation flaws to assume other users’ identities. 420 more words


Security Threat - Cross-site scripting (XSS)

Cross-site scripting (XSS) is when an application sends untrusted data to the web browser than can be interpreted as a piece of code. This way, attackers can execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites. 425 more words


Twitter jumps to block XSS worm in Tweetdeck

The Twitters were a twitting this morning over a newly discovered cross-site scripting (XSS) flaw in the popular Tweetdeck software owned by Twitter itself.

What is cross-site scripting? 284 more words