The Anatomy of a Cross-Site Scripting Campaign

Cover Image

The Imperva Application Defense Center (ADC) discovered a cross-site scripting (XSS) vulnerability in the .com site. The problem was first found in a hacker forum, which then led to the discovery of the XSS attack server. The XSS attack server is still active. By studying the characteristics of the attack, the ADC was able to detect more XSS cookie stealing campaigns. To date, this campaign has affected more than 3,000 individuals across three unique XSS incidents. While the largest XSS campaign found was a porn site, other types of applications such as online gaming and online forums were compromised in the exact same way.

Vendor:
Imperva
Posted:
Feb 8, 2021
Published:
Aug 23, 2010
Format:
PDF
Type:
White Paper
Already a Bitpipe member? Log in here

Download this White Paper!