Content Security Policy is a standard developed by Mozilla designed to protect against cross site scripting (XSS) attacks. Cross site scripting attacks use vulnerabilities in websites to inject JavaScript code into pages or urls of that site. The injected JavaScript code is then executed when visitors open a specifically prepared link or page on the [...]
- Author: Martin Brinkmann
- Comments: 1
Adobe Flash Player Clickjacking Vulnerability
Dante send me a link to an interesting article that described the latest Adobe Flash Player vulnerability. Adobe published a security advisory yesterday that described a clickjacking vulnerability. In short: An attacker could lure the unsuspecting user into clicking on a link that would give the attacker access to the computer’s microphone and webcam without [...]