online book store course name: web security project 1 presented by amruta raichurkar videhi patel
TRANSCRIPT
Potential Vulnerabilities
Cross Site scripting(XSS)Act of writing malicious scripting code and tricking another
users web Browser into running it using third party’s web server. It
attempts to steal a cookie value of user’session and use it to log into the
website.
<b>foo</b><script language =‘javascript’>
alert(document.cookie)</script>
Potential Vulnerabilities Impersonating user or system Malicious user acts as a legal receiver for the packet and
steals it. The destined receiver does not get a copy of this packets.
Sender Receiver
Cracker
Packet #1“abcde”
References
Java – How to Program-Deitel & Deitel
Web Development with Java Server Pages
-Duane K. Fields, Mark A. Kolb
www.java.sun.com