XSS
RSS XSSSWAP: Mitigating XSS Attacks Using a Reverse Proxy
White Paper Due to the increasing amount of Web sites offering features to contribute rich content, and the frequent failure of Web developers to properly sanitize user input, cross-site scripting prevails as the most significant security threat to... [11 Nov 2009]
The Perils of Cross-Site Scripting (XSS)
White Paper Cross-site Scripting (XSS) attacks are universally seen as the #1 security vulnerability facing web applications. The presenter of this webcast gives an overview on XSS (techniques, consequences and... [01 Oct 2009]
What Is Cross Site Scripting (XSS)?
White Paper Cross site scripting (also known as XSS) occurs when a web application gathers malicious data from a user. High availability is a system design protocol and associated implementation that ensures a certain absolute... [01 May 2009]
XSS Injection
White Paper The main idea and theory behind XSS Injection is getting a malicious script one crafted, to run on a victim's computer via a specially crafted attack due to a vulnerability in the way a server side script parses and... [14 Feb 2009]
Bypassing ASP .NET "ValidateRequest" for Script Injection Attacks
White Paper This feature consists of a series of filters, designed to prevent classic web input validation attacks such as HTML injection and XSS (Crosssite Scripting). The Microsoft .NET framework comes with a request validation... [31 Jan 2009]
TechNet Webcast: How Microsoft Online Services Defends Against Cross-Site Scripting Vulnerabilities (Level 300)
White Paper Cross-Site Scripting (XSS) vulnerabilities are a serious threat to providing Microsoft Online Services customers with a trustworthy computing experience. This webcast explains how inconsistently or poorly integrated... [26 Jun 2008]
TechNet Webcast: How Microsoft Online Services Defends Against Cross-Site Scripting Vulnerabilities (Level 200)
White Paper Cross-Site Scripting (XSS) vulnerabilities are a serious threat to providing Microsoft Online Services customers with a trustworthy computing experience. This webcast explains how inconsistently or poorly integrated... [11 Apr 2008]
Importance of Web Application Firewall Technology for Protecting Web-Based Resources
White Paper While motivations of attackers against a victim's corporate and organizational assets remain the same (financial, IP, identity theft, services disruption, or denial of service, for example), web applications enable a whole new class of... [11 Apr 2008]
Web 2.0 threat looms
Comment XSS is one of the top 10 web application vulnerabilities identified by the Open Web Application Security Project (OWASP), along with injection attacks and malicious file execution. Browser vulnerabilities such as... [26 Nov 2007]
Gmail cookie flaw 'puts email at risk'
News According to Gatford, attackers could compromise a Gmail account - using a cross-site scripting [XSS] vulnerability - if the victim is logged in and clicks on a malicious link. In the last year or so,... [27 Sep 2007]
Live From Redmond: How Hackers Reverse Engineer and Exploit an ASP.NET AJAX Application
White Paper This webcast discusses the threat of Cross-Site Scripting (XSS), what it is and how this dangerous application security defect increases the attack surface of AJAX applications making the XSS threat even... [05 Jul 2007]
Scanning Ajax for XSS Entry Points
White Paper Cross site scripting (XSS) can make browsers vulnerable to critical information hijacking if exploited with malicious intent. XSS is already categorized as persistent, non-persistent and DOM-based. Ajax... [03 Jul 2007]
Web 2.0 security warning for business
News Cross-site scripting (XSS) involves injecting malicious code into pages served by other domains. An attacker can gain access privileges to sensitive page content and session cookies by exploiting XSS... [27 Mar 2007]
Google slams the door on XSS flaw
News Google has patched a cross-site scripting (XSS) vulnerability in one of its web-hosting services. If left unpatched, the vulnerability could have allowed hackers to modify third-party Google documents and spreadsheets,... [17 Jan 2007]
Alert over Adobe Acrobat flaw
News He said: "This vulnerability makes it possible for cross-site-scripting (XSS) attacks to occur, to steal cookies, session information, or possibly create an XSS worm. XSS attacks put... [04 Jan 2007]
