Cross-site scripting/SQL injection attacks have been blamed for numerous data breaches, perhaps most notably the nightmare of the Heartland Payment Systems data breach. This type of attack has been around for at least a decade. However, the growing popularity of Web 2.0 applications and the tendency for programmers to continue with old, insecure code writing techniques make XSS one of the most deadly methods for hackers. Cross-site scripting/SQL injection attacks are all about getting reasonable people to click on a compromised site.
Loading ...
Ridding the Web of the XSS Scourge
Posted by: Jack M. Germain October 19, 2009 06:00 AMCross-site scripting/SQL injection attacks have been blamed for numerous data breaches, perhaps most notably the nightmare of the Heartland Payment Systems data breach. This type of attack has been around for at least a decade. However, the growing popularity of Web 2.0 applications and the tendency for programmers to continue with old, insecure code writing techniques make XSS one of the most deadly methods for hackers. Cross-site scripting/SQL injection attacks are all about getting reasonable people to click on a compromised site.