Secplicity – Security Simplified

XSS: Is God an Onion – Daily Security Byte

Last week, a security research found a pretty serious web application vulnerability on the new Vatican web site. He tried to inform them, but they didn’t respond, so he leveraged the vulnerability to post a story saying the Pope claimed God was an onion. Watch the video for more details about this incident, and to learn a bit more about cross-site scripting (XSS) flaws and what your developers can do to avoid them.

Episode Runtime: 3:50

Direct YouTube Link:


Corey Nachreiner, CISSP (@SecAdept)