Web 2.0 is vulnerable to attack

Security researchers have found what they say is an entirely new kind of web based attack, and it only targets the Ajax applications so beloved of the 'Web 2.0' movement.

Fortify Software, which said it discovered the new class of vulnerability and has named it "JavaScript hijacking", said that almost all the major Ajax toolkits have been found vulnerable.

"JavaScript Hijacking allows an unauthorized attacker to read sensitive data from a vulnerable application using a technique similar to the one commonly used to create mashups," Chess writes in a white paper published today. Web 2.0 is vulnerable to attack - CBRonline.com

Linked by shanmuga Tuesday, 10th April 2007 1:40AM