Tuesday, 31 December 2019

Cross Site Scripting: The Eternal Vulnerability


We are on the cusp of another new year. As we are transitioning from 2019 to 2020, one particular vulnerability has stood the test of time. It has kept the information security community on its toes since its initial discovery in the year 1999. In the last two decades it has continued to evolve by subduing our website defenses and can still be readily found in modern web applications. Cross Site Scripting or XSS requires no introduction. I would say it is one vulnerability that is eternal in nature, as it has existed since the advent of the internet.

My next blog post, titled "Art of XSS Slaying", will discuss more about XSS, its evolution, common application features where it can still be easily detected, and ideas to tame it.

Here is a quick collage of the interesting cross site scripting instances I have responsibly disclosed over time to leading web sites and vendors.


Note: All the cross site scripting instances reported in this collage are already patched!

Thanks for viewing this blog post. I wish you a very happy, prosperous and safe new year 2020!