If IT admins have the right browser security options for monitoring add-ons, then they can easily avoid things like malicious extensions, cross-site scripting
, and outdated browser vulnerabilities.
* Attackers go after web applications with cross-site scripting
. Cross-site scripting
accounted for 39.3 percent of the top ten exploits in Q3, primarily targeting web applications.
Malicious injection of the code within vulnerable web applications to trick users and redirect them to untrusted websites is called cross-site scripting
The bug bounty programs seeks to address crucial security flaws like Cross-Site Scripting
(XSS), SQL Injection, Misuse/Unauthorized use of MobiKwik's APIs, Improper TLS protection and Leaking of sensitive customer data (especially anything in the scope of PCI).
Veracode's analytics show that 86 percent of PHP-based applications contain at least one Cross-Site Scripting
(XSS) vulnerability and 56 percent have at least one SQL injection (SQLi) when initially assessed by Veracode.
WAF is used to protect web applications against common attacks such as cross-site scripting
and SQL injection.
, Event sniffing and hijacking  belong to Web-based attack while Event simulation, KeyStroke Hijacking and Touch Jacking belong to UI based attack.
This kind of vulnerabilities, such as XSS(Cross-Site Scripting
), SQL injection allow hackers to directly access sensitive and personal information stored in the database.
In addition to protecting a site against cross-site scripting
vulnerabilities and website vandalism, a good application firewall can thwart SQL injection attacks as well.
A recent Hewlett Packard study showed that over 70 percent of connected devices have serious vulnerabilities, including encryption, password, cross-site scripting
, user access, and permission.