Category: Vulnerabilities

A vulnerability is essentially a “gap” in an application’s security, caused by a mistake in how it was built or designed. When these gaps are exploited, they cause harm to stakeholders, which includes everyone from the people who own the app to the people who use it every day.

Java deserialization vulnerability

What is a Java Deserialization?

A Java deserialization vulnerability occurs when a Java application deserializes untrusted data; it is a seldom-mentioned yet massive application security issue. During the deserialization process, the data is transformed from its stream of bytes (binary representation) into an object that the application can use. This process is made possible by the Apache Commons Collection library. The name of […]

Timon 
XSS vulnerability

What is XSS?

Cross-site scripting is an attack performed on vulnerable web applications that manipulates the app to send malicious scripts to users. An attacker injects a malicious script into a legitimate, trusted website to access personal data of other users, control their browser, or in severe cases, control the application itself. Attacks like these can be split […]

Timon 
SQL injection vulnerability

What Is a Java SQL Injection?

SQL injections are one of the most common web application security threats used by attackers. SQL injection attacks, or SQLi attacks, have remained one of the top three most critical security risks on the Open Worldwide Application Security Project (OWASP) Top 10 list since 2007. A SQL injection attack is a web application attack in which the attacker […]

Timon 
File access vulnerabilities

What is path traversal?

Path traversal is also known as directory traversal. These vulnerabilities enable an attacker to read arbitrary files on the server that is running an application. This might include: In some cases, an attacker might be able to write to arbitrary files on the server, allowing them to modify application data or behavior, and ultimately take […]

Timon