WebProNews » XSS http://www.webpronews.com Breaking News in Tech, Search, Social, & Business Mon, 13 Feb 2012 00:06:57 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 Got Text Input? Better Check For Holes http://www.webpronews.com/got-text-input-better-check-for-holes-2008-06 http://www.webpronews.com/got-text-input-better-check-for-holes-2008-06#comments Mon, 16 Jun 2008 23:41:50 +0000 WebProNews Staff http://www.webpronews.com/?p=45885 Google’s noteworthy antispam engineer Matt Cutts discussed the issue of cross-site scripting (XSS) flaws, as vulnerable sites have infected pages popping up in the dominant search engine’s results pages.

Failing to sanitize input properly with one’s web application could lead to XSS exploits on the pages displayed by your website. These pages also find their way into search engines like Google, potentially exposing them to an even broader audience.

When that happens, visitors to those pages may be connected to malware downloads. Such malware may steal personal information from the corrupted machine, or make it a node on a botnet for the purpose of attacking or spamming others.

XSS is bad juju, folks, Cutts said so too, as he called for webmasters to look at their text boxes, especially search boxes, for possible problems:

If you

]]> http://www.webpronews.com/got-text-input-better-check-for-holes-2008-06/feed 1