Reposted from EMR-ISAC
On Sept. 17, CISA and FBI released a Secure by Design Alert, Eliminating Cross-Site Scripting Vulnerabilities, as part of their ongoing effort to reduce the prevalence of vulnerability classes at scale. Vulnerabilities like cross-site scripting (XSS) continue to appear in software, where threat actors can exploit them. However, cross-site scripting vulnerabilities are preventable and should not be present in software products.
CISA and FBI urge CEOs and other business leaders at technology manufacturers to direct their technical leaders/teams to review past instances of these defects and create a strategic plan to prevent them in the future.