Web Application Vulnerabilities Continue to Grow, Imperva Reports
January 09, 2019 / Sean Michael Kerner
2018 was not a good year for web application vulnerabilities, with 17,142 reported issues, according to a report released on Jan. 9 by Imperva. The 2018 tally for web application vulnerabilities represents a 21 percent year-over-year increase from 2017. There are multiple types of web applications vulnerabilities, among the most common being Cross Site Scripting (XSS) vulnerabilities, which doubled in 2018 and represented 14 percent of reported issues. The top issue, however, was injection vulnerabilities, which grew by a staggering 588 percent year-over-year and represented 19 percent of web applications vulnerabilities reported in 2018. "Microsoft and IBM had a major influence as more injection vulnerabilities were published in 2018 than in 2017," Nadav Avital, research manager of threat analytics at Imperva, told eWEEK. In an injection vulnerability, code or data is injected into a web application data path leading to some form of unexpected result.