January 24 2018 by Kevin Bowersox

The following lesson discusses encoding concerns when protecting an application against cross site scripting vulnerabilities.  The lesson briefly discusses how a mixture of technologies such as HTML, Javascript, Java and JSP must collaborate within an application to mitigate vulnerabilities while remaining functional.

Continue Reading
December 02 2017 by Kevin Bowersox

The following lesson discusses the potential for cross site scripting vulnerabilities to arise when developers misuse jQuery. The lesson briefly discusses jQuery's html() and text() methods before providing a real life example of the attack vector.

Continue Reading