http://adventuresinsecurity.com/blog Information Security Management for Business Managers Mon, 19 Feb 2007 16:08:58 +0000 http://wordpress.org/?v=2.8.4 en hourly 1 http://adventuresinsecurity.com/blog/2007/02/16/scan-ajax-for-xss-entry-points/ http://adventuresinsecurity.com/blog/2007/02/16/scan-ajax-for-xss-entry-points/#comments Fri, 16 Feb 2007 15:28:49 +0000 Tom Olzak http://adventuresinsecurity.com/blog/?p=113 Cross site scripting (XSS) is a big problem in web application environments.  In fact, the 2007 OWASP Top Ten list of web application vulnerabilities has XSS at #1.  In a recent paper, Shreeraj Shah, founder of Net Square, describes in detail the process for protecting applications developed using the AJAX framework.  It also includes scripts to automatically scan code for XSS vulnerabilities.  The paper can be found here.

]]> http://adventuresinsecurity.com/blog/2007/02/16/scan-ajax-for-xss-entry-points/feed/ 0