Vulnerable websites can be exploited via XSS to steal user accounts, change settings or phish passwords from unsuspecting users.
In fact, XSS flaws are one of the most commonly encountered security flaws found on websites.
Patching is obviously sensible and should be undertaken at the earliest opportunity, but never forget that additional layers of protection can go beyond patches – and perhaps be proactive in defending your systems from abuse during the time when no official fixes are available.
Vulnerable websites can be exploited via XSS to steal user accounts, change settings or phish passwords from unsuspecting users.
In fact, XSS flaws are one of the most commonly encountered security flaws found on websites.
Patching is obviously sensible and should be undertaken at the earliest opportunity, but never forget that additional layers of protection can go beyond patches – and perhaps be proactive in defending your systems from abuse during the time when no official fixes are available.