New site catalogs XSS vulnerabilities

A new online archive is gaining popularity among security researchers as a go-to source to anonymously submit cross-site scripting vulnerabilities uncovered from across the Web. In less than two weeks, the site has amassed enough reported vulnerabilities to cast doubt on the security of dozens of high-profile companies' websites.

Having only received its first confirmed submission on June 18, XSSposed.org has tallied more than 300 confirmed cross-site scripting (XSS) vulnerabilities across hundreds of sites since its inception.

A typical submission provides the vulnerable URL, information on when the vulnerability was verified by the site's as-yet-unnamed administrators, whether the flaw has been fixed since it was first disclosed and the Google and Alexa rankings of the vulnerable domain.

CloudWALL WAF | Web Application Firewall protects Web applications at the very edge of the Internet as opposed to inside the datacenter. Our solution shields an organization’s network from the growing number of application-layer attacks and prevents the loss of valuable corporate and customer data. In addition to proven attack defenses, the CloudWALL WAF | Web Application Firewall aids in compliance with information security regulations, such as PCI-DSS.

Find more details at www.cloudwall.tk/waf


Post a Comment