Computer Weekly – (International) XSS attacks remain top threat to Web applications. Cross-site scripting (XSS) attacks remain the top threat to Web applications, databases, and Web sites, an analysis of 15 million cyberattacks in the third quarter of 2012 revealed. Other top attack techniques are directory traversals, SQL injections (SQLi), and cross-site request forgery (CSRF), according to the latest Web application attack report by cloud hosting firm FireHost. The increase in the number of cross-site attacks is one of the most significant changes in attack traffic between Q2 and Q3 2012, the report said. XSS and CSRF attacks rose to represent 64 percent of the group. XSS is now the most common attack type, with CSRF now in second.
Ali Loney, on October 22, 2012