All content for AppSec Serialized by Invicti is the property of Invicti Security and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Cross-site scripting (XSS) is one of the oldest web vulnerability types and still a very real threat.
In this episode, Frank Catucci and Dan Murphy talk about the origins of cross-site scripting, some high-profile attacks, and best practices to test for and also prevent XSS in applications. In the fiction segment, Mallory the hacker uses XSS to inject script into an old and vulnerable leaderboard server—but she has to work hard to get around the WAF first.
