Demonstrating the consequences of XSS vulnerabilities
High risk vulnerabilities such as SQL Injection can be easily demonstrated by security analysts to developers or business executives. For example, a xp_cmdshell request injected into an application vulnerable to SQL Injection can be used to demonstrate how an attacker can abuse SQL injection to obtain a command prompt from the host running the (Microsoft) SQL server. Such demonstrations have major visual impact and the consequences of the vulnerabilities are clear.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.