Last week, a security researcher found a pretty serious web application vulnerability on the new Vatican web site. He tried to inform them, but they didn’t respond, so he leveraged the vulnerability to post a story saying the Pope claimed God was an onion. Watch the video for more details about this incident, and to learn a bit more about cross-site scripting (XSS) flaws and what your developers can do to avoid them.
Episode Runtime: 3:50
Direct YouTube Link: https://www.youtube.com/watch?v=cCZkg4pjGMA
- Researcher discovers serious XSS flaw in The Vatican web site – Business Insider
- Belgian researcher’s tweet of the issue – Twitter