Nearly all apps vulnerable to exploit

Share this article:

A new report found that an overwhelming majority of applications – 99 percent – revealed vulnerabilities when tested.

Cenzic, a Campbell, Calif.-based application security company, on Wednesday released the “Cenzic Application Vulnerability Trends Report 2013,” which analyzed data collected by its research team. In addition to 99 percent of all applications tested in 2012 having one or more serious security vulnerabilities, the firm found that the median number of vulnerabilities per application was 13.

According to the report, cross-site scripting (XSS) flaws were detected most often, accounting for 26 percent of all app vulnerabilities last year. When an attacker leverages an XSS vulnerability to exploit an app, they inject it with malicious code to potentially access private user data stored in the browser, like cookies or session tokens.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House ...

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.