Nearly all apps vulnerable to exploit

Share this article:

A new report found that an overwhelming majority of applications – 99 percent – revealed vulnerabilities when tested.

Cenzic, a Campbell, Calif.-based application security company, on Wednesday released the “Cenzic Application Vulnerability Trends Report 2013,” which analyzed data collected by its research team. In addition to 99 percent of all applications tested in 2012 having one or more serious security vulnerabilities, the firm found that the median number of vulnerabilities per application was 13.

According to the report, cross-site scripting (XSS) flaws were detected most often, accounting for 26 percent of all app vulnerabilities last year. When an attacker leverages an XSS vulnerability to exploit an app, they inject it with malicious code to potentially access private user data stored in the browser, like cookies or session tokens.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Reported breaches involving zero-day bug at JPMorgan Chase, other banks

Reported breaches involving zero-day bug at JPMorgan Chase, ...

Hackers exploited a zero-day vulnerability and gained access to sensitive information from JPMorgan Chase and at least four other financial institutions, reports indicate.

Data on 97K Bugzilla users posted online for about three months

During a migration of the testing server for test builds of Bugzilla software, data on about 97,000 Bugzilla users was inadvertently posted publicly online.

Chinese national had access to data on 5M Arizona drivers, possible breach ...

Although Lizhong Fan left the U.S. in 2007, the agencies responsible for giving him access to Americans' personal information have yet to disclose the details of the case to the public.