Social Network For Security Executives: Network, Learn & Collaborate
Today’s post is the last in the series of articles about XSS vulnerabilities in SAP systems. The previous parts describe how to prevent XSS in SAP NetWeaver ABAP and SAP NetWeaver J2EE.
XSS is one of the most popular vulnerabilities, and its effect can range from a petty nuisance to a significant security risk, depending on the sensitivity of the data. In SAP products, 628 XSS vulnerabilities were discovered, which is almost 22%…Continue
Added by Alexander Polyakov on August 25, 2015 at 5:48pm — No Comments
Added by Alexander Polyakov on August 25, 2015 at 5:47pm — No Comments
We continue our series of posts reviewing one of the most frequent vulnerabilities, which affects many SAP modules: cross-site scripting, or XSS. Today's post describes how to protect SAP NetWeaver ABAP from XSS.
For all generic Web applications where you accept input parameters, you must use encoding methods provided by the ICF handler. The implementation of the encoding is…Continue
Added by Alexander Polyakov on August 25, 2015 at 5:46pm — No Comments
Oracle PeopleSoft applications are quite complex and consist of many components, and the same is true of their security. While there is almost no research on PS security, successful attacks against such systems happen from time to time. That’s why we decided to start a series of articles about some aspects of PS security.
These applications are designed to address the most complex business requirements. They…Continue
Added by Alexander Polyakov on August 24, 2015 at 6:44pm — No Comments
Hello, dear readers! Today I would like to talk about Oracle Security.
On August 11, Mary Ann, Oracle's CSO, published an incredibly shocking post about security researchers, which was promptly deleted (either by herself or somebody else). The post was discussed by multiple resources such as…Continue
Added by Alexander Polyakov on August 24, 2015 at 6:38pm — No Comments
No doubt you have heard about Chrysler’s recall of affected cars, as it appeared in all the top media. You’ll be even more surprised if you see how many recalls happened because of technical issues in recent months. But there is something that we may miss beyond the headlines: some important potential sabotage vectors may happen or are even happening now to increase these…Continue
Added by Alexander Polyakov on August 4, 2015 at 4:31pm — No Comments