This type of attack basically takes advantage of poorly written code and the lack of proper validation of input and output data. Ex's. SQL injections and cross site scripting. - Attacker injects malicious script into a server - the script is saved into a database - user requests data from the server - malicious script is loaded from the database into the server and executed along with the requested information (sort of like it's piggy backing off the requested data)

Web Application Threats in depth Flashcards by Christoph Todd

General premises

This type of attack basically takes advantage of poorly written code and the lack of proper validation of input and output data.
Ex’s. SQL injections and cross site scripting.

Attacker injects malicious script into a server
the script is saved into a database
user requests data from the server
malicious script is loaded from the database into the server and executed along with the requested information (sort of like it’s piggy backing off the requested data)

How well did you know this?

Not at all

Perfectly

Brainscape's Knowledge GenomeTM

Web Application Threats in depth Flashcards

Brainscape's Knowledge Genome^TM