Terminology

A security flaw is a involuntary weakness despite the developer and in contrary of a malicious flaw. This is a vulnerability, that can be exploited but not designed to be. Usually the developer takes this seriously and release a patch to fix this security flaw. Security flaws are not created but discovered.

Now that you know what is a XSS attack, lets read some Cross-Site scripting examples. Reflected XSS Let’s say an attacker encounter a URL with a parameter containing a message like this: http://example.com/?message=You+are+now+logged-in And the page contains this exact message. This means that anything passed in this parameter named message will be printed in the page. To […]

Backing up or running a backup, is the result of the copying and archiving data so it may be used later to restore the original after a data loss event for example. Backups are useful in 2 situations: Recover data after its loss, deletion or even corruption. Recover data from the past (depending on the data […]

A vulnerability is a weakness. This weakness allows someone to reduce a system’s information assurance. A vulnerability is the intersection of 3 elements: a system susceptibility or flaw, an attacker access to the flaw, an attacker capability to exploit the flaw.

Cross-Site Scripting (XSS) attacks are a type of vulnerability called “injection”. Some malicious scripts can be injected into trusted web sites. XSS attacks occurs when an attacker is sending malicious code, generally in the form of a browser, to a different browser/visitor. The flaws allowing these attacks to succeed are badly widespread and occurs anywhere in any input […]