Home
Latest images
Search
Register
Log inCross-Site Scripting Still Most Common Web Vulnerability
Page 1 of 1
Cross-Site Scripting Still Most Common Web Vulnerability
andry Tue Nov 09, 2010 2:50 am
New WhiteHat Security data shows vulnerability-free Websites start with half, but similar, bugs as sites riddled with bugs
WhiteHat Security's new Website security statistics released today came with a mostly unchanged list of the top 10 vulnerabilities -- cross-site scripting (XSS) is still king -- but also a peek at some characteristics of Websites that are free of vulnerabilities.
Among the 1,364 Websites scanned by WhiteHat and included in the report, 36 percent had no vulnerabilities at all, and 17 percent had never had a serious one. WhiteHat counted 1,800 vulnerabilities. But Jeremiah Grossman, founder and CTO of WhiteHat, says the real tidbit here is what types of bugs the clean sites had eradicated.
"What was striking was not the volume of zero-vulnerability Websites, but that this shows that those that have had vulns [in the past] were characteristically identical to those Websites that do have vulns today," Grossman says. The vulnerability-free sites had experienced the same issues as the bug-ridden ones, he says, demonstrating it is possible to sweep a site clean of vulnerabilities.
More info: http://www.darkreading.com
WhiteHat Security's new Website security statistics released today came with a mostly unchanged list of the top 10 vulnerabilities -- cross-site scripting (XSS) is still king -- but also a peek at some characteristics of Websites that are free of vulnerabilities.
Among the 1,364 Websites scanned by WhiteHat and included in the report, 36 percent had no vulnerabilities at all, and 17 percent had never had a serious one. WhiteHat counted 1,800 vulnerabilities. But Jeremiah Grossman, founder and CTO of WhiteHat, says the real tidbit here is what types of bugs the clean sites had eradicated.
"What was striking was not the volume of zero-vulnerability Websites, but that this shows that those that have had vulns [in the past] were characteristically identical to those Websites that do have vulns today," Grossman says. The vulnerability-free sites had experienced the same issues as the bug-ridden ones, he says, demonstrating it is possible to sweep a site clean of vulnerabilities.
More info: http://www.darkreading.com
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics» Exploiting a cross-site scripting vulnerability on Facebook
» Cross Site Scripting (XSS) at User-Agent
» Webmatic 3.0.3 Multiple cross.site scripting
» XSS-Proxy Cross Site Scripting Attack Tool
» XSS (Cross Site Scripting) Prevention Cheat Sheet
» Cross Site Scripting (XSS) at User-Agent
» Webmatic 3.0.3 Multiple cross.site scripting
» XSS-Proxy Cross Site Scripting Attack Tool
» XSS (Cross Site Scripting) Prevention Cheat Sheet
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum