Medanese IT Geek, movie lover and (mostly) law-abiding citizen. Dreaming of cheap and easy access to ICT, healthcare and education in Indonesia.



XSS (Cross Site Scripting) to XML Injection

Category: IT in General,Security,Web — kamaruddin @ 12:28 pm

Web developer or everyone who’s into web business must be aware and keeping abreast of latest threats to server and application. Recently, WhiteHat Security released “Website Security Statistics Report”. In this whitepaper, Cross Site Scripting a.k.a XSS is on the top of “The Top Ten Vulnerabities”. SQL Injection is on the 5th. XSS surpasses the SQL injection since lots people do not realize/take lightly on the impact. XSS exposes the internet users to remote access/data theft. Generally, it’s also a lot work (compared to sanatizing your database input) to audit your code, examine and test if it’s vulnerable.


• • •
Using modified "Sitepoint-like" Theme. kamaruddin [-at-] gmail *dot* com