The Anatomy of a Cross-Site Scripting Campaign

The Anatomy of a Cross-Site Scripting Campaign

Cover

The Imperva Application Defense Center (ADC) discovered a cross-site scripting (XSS) vulnerability in the .com site. The problem was first found in a hacker forum, which then led to the discovery of the XSS attack server. The XSS attack server is still active. By studying the characteristics of the attack, the ADC was able to detect more XSS cookie stealing campaigns. To date, this campaign has affected more than 3,000 individuals across three unique XSS incidents. While the largest XSS campaign found was a porn site, other types of applications such as online gaming and online forums were compromised in the exact same way.

Vendor:
Imperva
Posted:
23 Aug 2010
Published:
23 Aug 2010
Format:
PDF
Length:
4 Page(s)
Type:
White Paper
Language:
English
Already a Bitpipe member? Login here

Download this White Paper!

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy