
Vunerability scan Report - Hostcogent.docx - Introduction...

This preview shows page 1 - 3 out of 6 pages.

Introduction

Vulnerability: A vulnerability can be defined as a flaw or weakness in a security system. A digital assailant can exploit it to launch an attack on the system and compromise its security. Therefore, every organization that deals with assets of probative value needs to ensure that its systems are secure so that customers can have confidence in the company. Regular audits of the system help it remain robust.

Vulnerability 1.

Summary Title: Cross-site scripting, DOM-based attack. This involves injecting the attacker's malicious code into the web browser instance. The malicious code is always written in HTML/JavaScript. Therefore, this code executes within the confines of the web browser's security regions. In this privilege mode the attacker can read, write, and transmit data at the browser level.

Target:

Technical severity:

Vulnerability details: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').

Description & Solution: Applications utilizing browser object instances which load content from the file system may execute code under the local machine zone, allowing for system compromise. The software does not neutralize, or incorrectly neutralizes, user-controllable input before it is placed in output that is used as a web page that is served to other users. An attacker could exploit this vulnerability to inject malicious script into the web page, which would be executed by the browser of any user who visited the page.
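
The neutralization step that CWE-79 describes as missing is shown below as an added example; it is not part of the original report. The function names, the greeting markup and the sample input are assumptions constructed for illustration.

```javascript
// Added example: user-controllable input placed into page output, with and
// without neutralization. All names and sample values here are hypothetical.

const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};

// Encode the characters that can switch the browser from text to markup.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Weak form: the input is concatenated into the page unchanged, so any
// markup it contains is parsed by the browser of whoever views the page.
function renderUnsafe(name) {
  return '<p class="greeting">Hello, ' + name + '</p>';
}

// Corrected form: the input is encoded for the HTML body context first.
function renderSafe(name) {
  return '<p class="greeting">Hello, ' + escapeHtml(name) + '</p>';
}

// DOM-based case: a value taken from the URL fragment is written to the page
// by client-side script. Assigning to textContent keeps it as text; assigning
// the same value to innerHTML would have the browser parse it as markup.
function showGreeting(element, fragment) {
  let name;
  try {
    name = decodeURIComponent(String(fragment).replace(/^#/, ''));
  } catch (err) {
    name = ''; // malformed percent-encoding: show nothing rather than fail
  }
  element.textContent = 'Hello, ' + name;
  return element;
}

// Constructed sample input containing markup.
const SAMPLE_INPUT = '<img src=x onerror=alert(1)>';

console.log(renderUnsafe(SAMPLE_INPUT)); // markup reaches the page intact
console.log(renderSafe(SAMPLE_INPUT));   // markup is rendered as plain text
```

In a browser, `showGreeting` would be called with a real element and `location.hash`; any object with a `textContent` property is enough to exercise it outside the browser.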

Term: Fall
Professor: N/A
Tags: World Wide Web
