Internet Explorer is Most Vulnerable Browser

The Internet Storm Center has a great article on the most common vulnerabilities in web applications (XSS or Cross Site Scripting)

https://isc.sans.edu/forums/diary/When+encoding+saves+the+day/20277/

 

This is  where some data is attempted insertion into the web application somehow.

isc10202015xssvulnerability

 

So the unfortunate browser response from Internet explorer is

Internet Explorer: GET /myform/action/post?myparam=”>%20Test

So what you say I don’t use Internet Explorer?  Well the people that do are susceptible to attacks that Chrome and Firefox are not and this may not be transparent in all pentests.  Make sure to pentest IE vulnerabilities as well.

Make sure and understand the post by Bojan at isc.sans.edu

 

 

This is important, as one has to be thorough in pentesting.

 

 

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.