topic Re: CISA and FBI release secure by design alert on cross-site scripting in Threats https://community.isc2.org/t5/Threats/CISA-and-FBI-release-secure-by-design-alert-on-cross-site/m-p/75146#M1424 <P>Thanks for sharing&nbsp;<a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/809125741">@Caute_cautim</a>.</P><P>&nbsp;</P><P>&nbsp;</P> Fri, 15 Nov 2024 06:06:38 GMT Kyaw_Myo_Oo 2024-11-15T06:06:38Z CISA and FBI release secure by design alert on cross-site scripting https://community.isc2.org/t5/Threats/CISA-and-FBI-release-secure-by-design-alert-on-cross-site/m-p/74844#M1413 <P>Hi All</P><P>&nbsp;</P><P>CISA and the FBI are increasingly focusing on proactive cybersecurity and <A href="https://www.ibm.com/topics/cyber-resilience" target="_blank">cyber resilience</A> measures. Conjointly, the agencies recently released a new <A href="https://www.cisa.gov/resources-tools/resources/secure-design-alert-eliminating-cross-site-scripting-vulnerabilities" target="_blank" rel="noopener nofollow">Secure by Design alert</A> aimed at eliminating <A href="https://www.ibm.com/docs/en/sva/10.0.7?topic=configuration-prevention-vulnerability-caused-by-cross-site-scripting" target="_blank">cross-site Scripting (XSS) vulnerabilities</A>, which have long been exploited to compromise both data and user trust.</P><P>Cross-site scripting vulnerabilities occur when a web application improperly handles user input, allowing attackers to inject malicious scripts into web pages that are then executed by unsuspecting users. These vulnerabilities are dangerous because they don’t attack the application itself but exploit user trust in a legitimate website.</P><P>&nbsp;</P><P><A href="https://securityintelligence.com/news/cisa-fbi-release-secure-by-design-on-cross-site-scripting/" target="_blank">https://securityintelligence.com/news/cisa-fbi-release-secure-by-design-on-cross-site-scripting/</A></P><P>&nbsp;</P><P>Caute_Cautim</P> Thu, 31 Oct 2024 19:36:00 GMT https://community.isc2.org/t5/Threats/CISA-and-FBI-release-secure-by-design-alert-on-cross-site/m-p/74844#M1413 Caute_cautim 2024-10-31T19:36:00Z Re: CISA and FBI release secure by design alert on cross-site scripting https://community.isc2.org/t5/Threats/CISA-and-FBI-release-secure-by-design-alert-on-cross-site/m-p/75146#M1424 <P>Thanks for sharing&nbsp;<a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/809125741">@Caute_cautim</a>.</P><P>&nbsp;</P><P>&nbsp;</P> Fri, 15 Nov 2024 06:06:38 GMT https://community.isc2.org/t5/Threats/CISA-and-FBI-release-secure-by-design-alert-on-cross-site/m-p/75146#M1424 Kyaw_Myo_Oo 2024-11-15T06:06:38Z