March 08, 2013

Nearly all apps vulnerable to exploit

A new report found that an overwhelming majority of applications – 99 percent – revealed vulnerabilities when tested.

Cenzic, a Campbell, Calif.-based application security company, on Wednesday released the “Cenzic Application Vulnerability Trends Report 2013,” which analyzed data collected by its research team. In addition to 99 percent of all applications tested in 2012 having one or more serious security vulnerabilities, the firm found that the median number of vulnerabilities per application was 13.

According to the report, cross-site scripting (XSS) flaws were detected most often, accounting for 26 percent of all app vulnerabilities last year. When an attacker leverages an XSS vulnerability to exploit an app, they inject it with malicious code to potentially access private user data stored in the browser, like cookies or session tokens.

Related Articles
Related Topics

Sign up to our newsletters

More in News

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.

WordPress tightens security with two-factor authentication

The new feature is immediately available for users and "secret" codes can be accessed via SMS or through the Google Authenticator app.

Microsoft fixes three "critical" flaws with Patch Tuesday release

The biggies are two vulnerabilities in Internet Explorer and a single weakness in Remote Desktop Connection.