2.1 injection attack whereby the attackers input2.1 injection attack whereby the attackers input

2.1 Task 1 (40%)Identify and detail three vulnerabilities that may exist in the system which enable you to achieve your goal. For this task you should think through scenarios that may exist and to detail the conditions needed for the vulnerabilities to exist. Please ensure that you are clear about the assumptions that you make.Cross Site Scripting (XSS)Websites often enable their users to publish content ranging from text to images and videos, this allows the company to gather information on their customers, receive feedback and also create a community of users which can incentivise them to come back. This input is beyond the website owner’s control and this could potentially allow some users to submit harmful content. An example of this is cross site scripting or XSS. This is a form of code injection attack whereby the attackers  input is stored on the target site and then redistributed back to other users who may mistake it for reliable content. Users can be directed towards the vulnerable page which acts as a vehicle for the malicious code, usually JavaScript. Cross site scripting comes in two main types, persistent XSS and reflected XSS. Persistent XSS is where an attacker locates a vulnerability and is able to inject the script directly into the server via, for example a comment box. The code is not shown to the user as it is enclosed within a


I'm Rita!

Would you like to get a custom essay? How about receiving a customized one?

Check it out