 |
|
|
The Cross Site Scripting Threat |
|
|
|
By Andreas Wiegenstein, Dr. Markus Schumacher, Xu Jia, Frederik Weidemann |
|
|
|
|
|
Overview |
|
|
|
According to current statistics, Cross Site Scripting (XSS) is one of the most widespread security problems today.
|
|
|
|
Whereas most articles on XSS focus on the technical causes of this security vulnerability, we want to discuss the related damage potential and corresponding business risks.
|
|
|
|
We believe that most companies don't sufficiently deal with Cross Site Scripting. It’s not that they cannot cope with technical aspects, but it’s that they simply underestimate the problem and its impact on their operational business.
|
|
|
|
The purpose of this white paper is to raise awareness among application development teams regarding the business impact of XSS.
|
|
|
|
If you ever asked yourself: "What can actually happen if my Web application has a Cross Site Scripting vulnerability?", this is the article of choice for you.
|
|
|
|
|
|
|
Target Audience |
|
|
|
Everybody dealing with the development and maintenance of applications that use a browser as the user interface, in particular:
- IT Management
- Developers
- Security Trainers
- Security Testers
- CERT Teams
|
|
|
|
|
|
Download white paper |
|
|
|
 The Cross Site Scripting Threat
Version 1.2, 2007/05/10 (PDF, 382 KB)
|
|
|
