Browsing Author: Chris Eng

Squashing Ants: The Dynamics of XSS Remediation

By Chris Eng[img_assist|nid=6858|title=|desc=|link=none|align=left|width=100|height=100]Is anyone else getting tired of hearing excuses from customers — and worse yet, the security community itself — about how hard
it is to fix cross-site scripting (XSS) vulnerabilities? Oh, come on.
Fixing XSS is like squashing ants, but some would have you believe it’s
more like slaying dragons. I haven’t felt inspired to write a blog
post in a while, but every once in a while, 140 characters just isn’t
enough. Grab your cup of coffee, because I may get a little rambly.

InfoSec Insider
07/15/18 7:00
QNAP urged its customers to update after researchers found multiple #vulnerabilities in its web console:

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.