“If you are responsible for testing applications, take note when you identify URLs in the parameters. Investigate where that data is used. If you see it is used in an anchor tag, look to see if it is possible to insert JavaScript in this manner.” James Jardine – Host and Application Security Advisor at DevelopSec
Source: DevelopSec
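One way to close the gap the quote describes, a URL parameter rendered into an anchor tag, is to allowlist the URL scheme before it is written into `href`. This is an added example, not code from DevelopSec or the quoted author; `safeHref`, `renderLink` and the `https://app.example/` base are hypothetical names chosen for illustration.

```javascript
// Added example: allowlist the scheme of a user-supplied URL before it reaches href.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);
const BASE = "https://app.example/"; // assumed site origin, used to resolve relative links

function safeHref(raw) {
  if (typeof raw !== "string") return "#";
  let url;
  try {
    // The WHATWG URL parser normalises input the way a browser does: it trims
    // leading spaces and control characters, drops tabs and newlines, and
    // lowercases the scheme, so obfuscated schemes are seen in canonical form.
    url = new URL(raw, BASE);
  } catch {
    return "#"; // unparseable input never reaches the page
  }
  return ALLOWED_SCHEMES.has(url.protocol) ? url.href : "#";
}

// Attribute-context escaping, applied after the scheme check.
function escapeAttr(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

function renderLink(rawUrl, label) {
  return `<a href="${escapeAttr(safeHref(rawUrl))}">${escapeAttr(label)}</a>`;
}

// Constructed sample parameter values, benign payloads only.
const samples = [
  "https://example.com/docs",
  "/account?tab=1",
  "javascript:void(0)",
  " JaVaScRiPt:void(0)",
  "java\tscript:void(0)",
  "data:text/html,hi",
];
for (const s of samples) {
  console.log(JSON.stringify(s), "->", safeHref(s));
}
```

Checking the parsed `protocol` rather than string-matching the raw value is what catches the mixed-case, leading-space and embedded-tab variants in the sample list.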
About James Jardine:
James Jardine is a leader in application security. He has over 20 years of experience focusing on application security and software development. His experience includes software development, penetration testing, secure development lifecycle enhancement, vulnerability management, secure code review and training. He has worked with mobile, web and Windows platforms.