Category Archives: DOM-based

DOM-based Ajax request-header manipulation

In this section, we’ll look at what DOM-based Ajax request-header manipulation is, talk about the potential impact of this kind of attack, and suggest ways to reduce your exposure to Ajax request-header manipulation vulnerabilities. What is DOM-based Ajax request-header manipulation? Using Ajax enables a website to make asynchronous requests to the server so that web…

Read More

DOM-based denial of service

In this section, we’ll describe DOM-based denial-of-service vulnerabilities, look at which sinks can lead to this kind of vulnerability, and discuss ways to reduce your exposure to DOM-based DOS attacks. What is DOM-based denial of service? DOM-based denial-of-service vulnerabilities arise when a script passes attacker-controllable data in an unsafe way to a problematic platform API,…

Read More

DOM-based client-side SQL injection

In this section, we’ll discuss what DOM-based client-side SQL injection is, describe how an attacker can exploit this vulnerability, and suggest ways to reduce your exposure to this kind of attack. What is DOM-based client-side SQL injection? Client-side SQL injection vulnerabilities arise when a script incorporates attacker-controllable data into a client-side SQL query in an unsafe way….

Read More