Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Comment: MITRE Top 25 - XSS most critical software flaw of the year

November 2024 by Sylvain Cortes, VP Strategy at Hackuity

Cross-site scripting has been identified as the most critical software flaw of the past year, according to a recent report from MITRE (https://cwe.mitre.org/top25/) The nonprofit’s latest Top 25 Most Dangerous Software Weaknesses ranking was published on November 20. It covers the most critical flaws listed in the Common Weakness Enumeration (CWEs) catalogue between June 2023 and June 2024. Sylvain Cortes, VP Strategy, Hackuity comment:

“For more than twenty years, XSS vulnerabilities have posed a significant threat to the security of web applications, and they’re still around, and coming out top on Mitre’s Top 25 Most Critical Software Flaws of this year.

They have the potential to allow for some serious damage - think MOVEit Transfer last year.

When exploited cross-site scripting flaws enable an attacker to take over your device or execute data manipulation or theft through malicious code injected into web applications.

I recommend organisations follow CISA’s Secure by Design framework as guidance to strengthen their modern web frameworks and protect them from such threats.”


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts