Nov 9
The folks at the Open Web Application Security Project publish a list of the top 10 vulnerabilities. In a recent CodeBrew I provided a quick overview of them all and spent a good amount of time focusing on the most prevalent vulnerability, Cross Site Scripting (XSS).
I gave an overview of XSS, stepped through a quick demo (sorry, vulnerable site), reviewed the three XSS variations and talked a bit about how to protect one’s site.
References and reading materials were also included in the presentation and, look at that, they are provided here too.
- Open Web Application Security Project
- The OWASP Top Ten Vulnerabilities (pdf)
- OWASP List of Vulnerabilities
- The 56 Geeks Project by Scott Johnson
- ha.ckers.org
- OWASP XSS Prevention Cheat Sheet
- Wikipedia
- Is XSS Solvable?, Don Ankney
- The Anatomy of Cross Site Scripting, Gavin Zuchlinski