. home.aspx



Cross-site scripting a top vulnerability, hackers find

May 15, 2018 / Warwick Ashford

Despite the much-publicised advances in cyber attack techniques, a well-known, well-documented and avoidable vulnerability is still the most popular for attackers to exploit – along with others like it that are often overlooked, white hat hackers reveal. Cross-site scripting (XSS) is the most commonly exploited vulnerability, according to HackerOne, currently the largest platform aimed at connecting organisations with a community of white hat hackers who can identify cyber risks, which currently has around 200,000 members. XSS is a type of injection security attack in which an attacker injects data, such as a malicious script, into content from otherwise trusted websites. Cross-site scripting attacks happen when an untrusted source is allowed to inject its own code into a web application, and that malicious code is included with dynamic content delivered to a victim's browser. This is an example of a vulnerability that exists because functionality routinely built into organis...