Home Resources Blog Same Web-Based Vulnerabilities Still Prevalent After Nine Years

Same Web-Based Vulnerabilities Still Prevalent After Nine Years

Admin Globaldots
27.07.2018
image 1 Min read

Analysis of vulnerabilities discovered by NCC Group researchers over the last nine years found that instances of common web-based vulnerabilities have largely refused to fall over during this time, with cross-site scripting (XSS) vulnerabilities appearing the most frequently.

The global cyber security and risk mitigation expert found that despite this type of vulnerability being understood across the industry for decades, XSS flaws, which enable attackers to inject malicious scripts into websites or victim browsers, still account for 18% of all bugs logged.

However, some classes of bugs have become almost non-existent, including format string flaws, in which submitted data is evaluated as a command by the application, as well as some memory-related flaws, and flaws that allow the exploitation of XML applications and services.

Overall, the team uncovered vulnerabilities in 53 different categories, and found that there was an increase in the number of bugs targeting complex applications and hardware. This included deserialization flaws – when untrusted data is used to abuse the logic of an application and inflict DDoS or remote code attacks – and the exploitation of multiple low-risk issues in a chain across a complex web application, resulting in full, unauthorised control.

Image Source

Read more: Help Net Security

Learn More

You’ll Need Zero Trust, But You Won’t Get It with a VPN
SD-WAN and SASE
Eyal Webber Zvik, Cato Networks 12.01.23

Properly implemented, a zero trust architecture provides much more granular and effective security than legacy security models. However, this is only true if a zero trust initiative is supported with the right tools. Legacy solutions, such as virtual private networks (VPNs), lack the capabilities necessary to implement a zero trust security strategy. Zero Trust Security is […]

Read more
4 Ways Where Remote Access VPNs Fall Short
SD-WAN and SASE
Eyal Webber Zvik, Cato Networks 09.01.23

The Global Content Delivery Network (CDN) market is expected to grow by $42.4 billion between now and 2032.

Read more
slider item
Content Delivery Network (CDN)
Francesco Altomare, Southern Europe Regional Manager @ GlobalDots 04.01.23

A Content Delivery Network (CDN) is a globally distributed network of web servers or Points of Presence (PoP) whose purpose is to provide faster content delivery. The content is replicated and stored throughout the CDN so the user can access the data that is stored at a location that is geographically closest to the user. […]

Read more
Unlock Your Cloud Potential
Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Book a Demo