|
|||||||||||||||||||||||||
|
|||||||||||||||||||||||||
|
Imperva Announces Vulnerability in AJAX Technology
JavaScriptSearch The Imperva Application Defense Center today announced the discovery of a critical vulnerability in DWR (Direct Web Reporting), a key underlying technology in the AJAX (Asynchronous JavaScript and XML) web application development framework. This client-side vulnerability can be exploited to launch Denial of Service (DoS) attacks and break into back-end servers and databases. AJAX is emerging as the new lingua franc for building new generation Web 2.0 applications such as Google Maps. Since AJAX executes a much larger proportion of application logic in the web browser than traditional web applications, it exposes a broader attack surface to client-side exploits used by attackers to target sensitive back-end servers directly. The ADC has published a free security advisory that details the DWR vulnerability and how to mitigate attacks. Amichai Shulman, head of the ADC, is available to discuss this vulnerability as well as AJAX/Web 2.0 security issues. |
Copyright © 1998 - 2018 DevStart, Inc. All Rights Reserved |