Cross Site Scripting (XSS)
In this section, we’ll explain what cross-site scripting is and describe the different varieties of cross-site scripting vulnerabilities.
What is cross-site scripting (XSS)?
XSS is a web security vulnerability that allows an attacker to access a victim’s data by injecting malicious JavaScript into the page. JavaScript has access to all your data fo...
Vulnerabilities in Web Applications
Introduction
How is private information leaked from social networking sites? How can someone’s bank account get compromised by just clicking on a link in an email? Why are we advised to not use the same password on different sites? What are those annoying “accept cookie banners” that pop up every time? How do characters in movies get into their...
SQL Injection
What are SQL Queries?
SQL is a standardized language used to access and manipulate databases to build customizable data views for each user. SQL queries are used to execute commands, such as data retrieval, updates, and record removal. Different SQL elements implement these tasks, e.g., queries using the SELECT statement to retrieve data, based ...
Insecure Deserialization
What is serialization and deserialization?
“Serialization is the process of converting complex data structures, such as objects and their fields, into a ‘flatter’ format that can be sent and received as a sequential stream of bytes.” Let’s explain this with an example.
Suppose this is our user object,
$user->name = "carlos";
$user->isLogg...
Cross-site Request Forgery (CSRF)
What is CSRF?
Cross-site Request Forgery is a vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform. For a CSRF attack, three key conditions must be fulfilled:
A relevant action. There is an action within the application that the attacker has a reason to induce.
Cookie-based session handl...
Common CSRF Vulnerabilities
Many times, CSRF vulnerabilities arise due to mistakes in the validation of CSRF tokens.
In this example, suppose that the application now includes a CSRF token within the request to change the user’s password:
...
Content-Length: 68
...
csrf=WfF1szMUHhiokx9AHFply5L2xAOfjRkE&email=wiener@normal-user.com
At a glance, this violates one of the k...