Date post: | 02-Jan-2016 |
Category: |
Documents |
Upload: | moris-kennedy |
View: | 217 times |
Download: | 0 times |
Potential Vulnerabilities
Cross Site scripting(XSS)Act of writing malicious scripting code and tricking another
users web Browser into running it using third party’s web server. It
attempts to steal a cookie value of user’session and use it to log into the
website.
<b>foo</b><script language =‘javascript’>
alert(document.cookie)</script>
Potential Vulnerabilities Impersonating user or system Malicious user acts as a legal receiver for the packet and
steals it. The destined receiver does not get a copy of this packets.
Sender Receiver
Cracker
Packet #1“abcde”
References
Java – How to Program-Deitel & Deitel
Web Development with Java Server Pages
-Duane K. Fields, Mark A. Kolb
www.java.sun.com