XSS Archives

April 20, 2006

Security incidents in web-based applications

According to the Web Application Security Consortium (WASC), XSS and SQL injection remain the most popular attack vectors being exploited in public incidents. Further details can be found in the Web Hacking Incidents Database (WHID), which was updated today.

The chart below illustrates the number of public incidents registered per year:

(*): Projected number of incidents for year 2006

A broader list of vulnerabilities is listed in OWASP Top Ten, which ranks the most critical web application security flaws.

Posted by Laurent in Injection, Secure Coding, Security, Technologies, Threats, Web Applications, XSS on April 20, 2006 6:34 PM | Permalink | Comments (0)

March 3, 2006

Anti-XSS Library for .NET

Microsoft released an anti-cross site scripting library for its .NET Framework. It can be freely downloaded here.

Posted by Laurent in Companies and Products, Microsoft, Secure Coding, Security, Threats, XSS on March 3, 2006 8:31 PM | Permalink | Comments (0)

About XSS

This page contains an archive of all entries posted to never-ever-****-with-my.net in the XSS category. They are listed from newest to oldest.

Worms is the previous category.

Many more can be found on the main index page or by looking through the archives.

Author & Licensing

My name is Laurent de la Vaissière. I am an IT Audit and Security consultant working for a professional services firm.
The views expressed on this web site are mine alone and do not necessarily reflect the views of my employer.

This weblog is licensed under a Creative Commons License.

never-ever-****-with-my.net

Sharing information about technology, free software, and IT security primarily!