Posts tagged XSS

11 min Application Security

XSS in JSON: Old-School Attacks for Modern Applications

This post highlights how cross-site scripting has adapted to today’s modern web applications, specifically the API and Javascript Object Notation (JSON).

9 min Application Security

Overview of Content Security Policies (CSPs) on the Web

A Content Security Policy is a protocol that allows a site owner to control what resources are loaded on a web page by the browser, and how those resources may be loaded.

4 min Application Security

How to Prevent Cross-Site Scripting (XSS) Attacks

Cross-site scripting (XSS) isn’t new, but its impact and visibility are both growing. Here’s what you need to know to protect them from XSS attacks.

6 min Application Security

Should You Use a SAST, DAST, or RASP Application Security Tool?

In this blog, we discuss all things web applications and how to select the right application security solution to keep them safe from attack.

2 min Vulnerability Disclosure

R7-2017-06 | CVE-2017-5241: Biscom SFT XSS (FIXED)

Summary The Workspaces component of Biscom Secure File Transfer (SFT) version 5.1.1015 is vulnerable to stored cross-site scripting in two fields. An attacker would need to have the ability to create a Workspace and entice a victim to visit the malicious page in order to run malicious Javascript in the context of the victim's browser. Since the victim is necessarily authenticated, this can allow the attacker to perform actions on the Biscom Secure File Transfer instance on the victim's behalf.

4 min Vulnerability Disclosure

R7-2016-24, OpenNMS Stored XSS via SNMP (CVE-2016-6555, CVE-2016-6556)

Stored server cross-site scripting (XSS) vulnerabilities in the web application component of OpenNMS [http://www.opennms.org/en] via the Simple Network Management Protocol (SNMP). Authentication is not required to exploit. Credit This issue was discovered by independent researcher Matthew Kienow [http://twitter.com/hacksforprofit], and reported by Rapid7. Products Affected The following versions were tested and successfully exploited: * OpenNMS version 18.0.0 * OpenNMS version 18.0.1 Ope

13 min Vulnerability Disclosure

Multiple Disclosures for Multiple Network Management Systems, Part 2

As you may recall, back in December Rapid7 disclosed six vulnerabilities [/2015/12/16/multiple-disclosures-for-multiple-network-management-systems] that affect four different Network Management System (NMS) products, discovered by Deral Heiland [http://twitter.com/percent_x] of Rapid7 and independent researcher Matthew Kienow [http://twitter.com/hacksforprofit]. In March, Deral followed up with another pair of vulnerabilities [/2016/03/17/r7-2016-02-multiple-vulnerabilities-in-mangeengine-opu

7 min XSS

Cross-site Scripting (XSS) Attacks vs SQL Injection Attacks (SQLi)

A common misunderstanding in the world of Web Application Security is the difference between the consequences of a cross-site scripting [http://4hko.drordi.com/fundamentals/cross-site-scripting/] vulnerability and the consequences of an SQL Injection Attacks (SQLi) [http://4hko.drordi.com/fundamentals/sql-injection-attacks/]. We can even go a step back and say the misunderstanding is on a much broader level; the difference in consequences between a client-side exploitable vulnerability and a ser

4 min Apple

Abusing Safari's webarchive file format

tldr: For now, don't open .webarchive files, and check the Metasploit module, Apple Safari .webarchive File Format UXSS [http://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/apple_safari_webarchive_uxss.rb] Safari's webarchive format saves all the resources in a web page - images, scripts, stylesheets - into a single file. A flaw exists in the security model behind webarchives that allows us to execute script in the context of any domain (a Universal Cross-site S