Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

XSS flaw problem needs to be urgently addressed

Fortify : 12 June, 2008  (Technical Article)
Fortify is calling on the IT security industry to make a consolidated attack on cross site scripting flaws before the problem becomes unmanageable
Fortify Software says that the issue of cross-site scripting flaws needs to be tackled by the Internet and IT security industry in particular, before it gets out of hand.

'A report out this week from security watchdog XSSed has identified no less than 30 cross-site scripting flaws across the sites of McAfee, Symantec and Verisign. The flaws are notable, as they can be used to engineer frauds and/or malware infections on site visitor's PCs,' said Rob Rachwald, Fortify's director of product marketing.

'They are also notable because they have been discovered on IT security vendor's sites, so there's a strong chance that similar flaws exist on many other company's portals,' he added.

According to Rachwald, the security industry has had a track record of playing down cross-site scripting flaws, but XSSed's report indicates that the problem needs addressing, and addressing quickly.

'Failure to address this problem in a timely manner could see a recurrence of major site hacks using XSS flaws seen on the likes of MySpace and Paypal,' he said.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo