CyberNews Briefs

Cross-Site Scripting Errors Continue to Be Most Common Web App Flaw

New research by bug bounty firm HackerOne shows that cross-site scripting (XSS) vulnerabilities are still the most common type of security flaw found in web applications. XSS flaws can enable attackers to inject malicious code into websites in order to steal sensitive information from users.

Miju Han of HackerOne says that “of the $55 million that bug hunters in HackerOne’s program have earned so far in total, some $8 million has been from reporting XSS vulnerabilities alone.” While XSS attacks have been happening since the 1990s, many websites remain vulnerable, and Han believes that “XSS is here to stay.”

Read more: Cross-Site Scripting Errors Continue to Be Most Common Web App Flaw

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.