Lecture 16: More Web App Vulnerabilities

This lecture focuses on the client side of web applications, considering attacks that target the user or their browser. It explores how cross-site scripting (XSS) allows an attacker to inject their own JavaScript code into a vulnerable application's pages, and distinguishes between Reflected and Stored XSS. It then considers the risk that remains from HTML injection even when no JavaScript can be executed. The lecture also looks at how an attacker can trick your browser into authenticating a request you never intended to make, known as cross-site request forgery (XSRF / CSRF).

The concluding part of the lecture revisits the idea of input validation, considering where and when it should be done in order to defend effectively against attacks such as XSS. Finally, it looks at the work done by OWASP to identify and track the most significant web-related vulnerabilities.