Knowledgebase
My site is redirected / There are iframes in my site?
Posted by Dan Moses on 16 July 2007 05:56 PM
Many third party scripts that are available online are not secure. Just like Windows, new vulnerabilities are being searched out every day by hackers. A common attack these days is SQL injection or Cross Site Scripting attacks (XSS).
Cross Site Scripting allows an attacker to embed malicious JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable dynamic page to compromise private information, manipulate or steal cookies, create requests that can be mistaken for those of a valid user, or execute malicious code on the end-user systems. The data is usually formatted as a hyperlink containing malicious content and which is distributed over any possible means on the internet.


Use the following program to see if your site is having insecure code.

http://www.explabs.com/


Integrity Host support can usually remove the injection from your site, but to prevent it, either the vulnerable script will need to be replaced/repaired, or you can have a programmer add the logic of the 4 steps presented below into every page on your site to prevent most XSS attacks from working.

Click here to read the XSS prevention steps.

(971 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).