Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
XSS Vulnerabilities Happen To Everybody
Cross-site scripting flaw found in UK's Cybersecurity Challenge site
1 Min Read
You would think that of all people, the developers of the U.K.'s Cybersecurity Challenge website would be the most scrupulous about finding security vulnerabilities before they happen. But according to researchers, cross-site scripting (XSS) flaws happen to them, too.
According to a report on the Netcraft security site, an XSS vulnerability was uncovered on the Cyber Security Challenge UK website -- before the site had even been made ready for candidates to register.
The Cybersecurity Challenge was established by a management consortium of key figures in cybersecurity, and is designed to test the mettle of security professionals.
The simple coding error was demonstrated by James Wheare, according to the report. Wheare told Netcraft that he was prompted to look for the hole after reading a friend's tweet and noticed insufficient encoding in the page's tags.
Netcraft says it has informed the Cybersecurity Challenge about the flaw.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
Read more about:
2010About the Author
You May Also Like
More Insights
