Question: As a result of testing a web application, it was discovered that there were several vulnerabilities. These vulnerabilities are listed below: Cross - site scripting

As a result of testing a web application, it was discovered that there were several vulnerabilities. These vulnerabilities are listed below:
Cross-site scripting (XSS)
Cross-site request forgery (CSRF)
SQL injection
Sensitive data exposure
Insufficient logging and monitoring
Your task is to create a report for senior management, either in Google Docs or Google Slides, listing each of the five vulnerabilities, and tying them to the OWASP Top 10. In addition, you must document the risk posed by each one, the severity, and how to remediate them. Be sure to provide justification for the severity rating.
Use the information provided on the owasp.org website to assist you with this report.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

Need a small tier complete project on cross site scripting.. 2. Project Title: Exploiting Website using Cross Site Scripting (XSS) Attacks. 3. Problem Statement: Injecting client side scripts using...

Q:

Part 1 : Auditing and Test Cases For this part, your job will be to find some flaws in the program, and then create test cases that expose flaws in the program. You should write: One attack, that...

Q:

Project 1 - Threat Modeling using STRIDE Due 10/8 11:59 P.M. Attached Files: Purpose This project provides an opportunity to apply the concepts of using a Threat Modeling methodology, STRIDE, against...

Q:

There are two problems due this week (each worth 35 points) as follows. Case 5-1David L. Miller: Portrait of a White-Collar Criminal (page 144). In comprehensive paragraphs, answerrequirements 1?6....

Q:

Which listed statements are true Web fingerprinting is based solely on the User - Agent header sent by a browser. WebAuthn provides stronger protection against phishing attacks compared to...

Q:

Which listed statements are true Web fingerprinting is based solely on the User - Agent header sent by a browser. WebAuthn provides stronger protection against phishing attacks compared to...

Q:

Web Programming and Security Introduction - World Wide Web has evolved from a system that delivers static pages to a platform that supports distributed applications, known as web applications and...

Q:

CASE DESCRIPTION Lux Insurance Brokers (LIB) is an insurance brokerage firm based in Sydney, New South Wales, Australia. LIB provides house, car and life insurance to individuals residing in...

Q:

. Which listed statements are wasf Web fingerprinting is based solely on the User - Agent header sent by a browser. WebAuthn provides stronger protection against phishing attacks compared to...

Q:

Attacks Types of Cyber Attacks Denial-of-Service (DoS) Attacks - are a type of network attack. A DoS attack results in some sort of interruption of network services to users, devices, or...

Q:

Find the equation for a linear function f(x, y) with the values given in the table below: ry-10 12 0-3-2-10 1-4-3-2-1 2-5-4-3-2 3 -6-5-4-3 f(x, y) =

Q:

(a) Compute A2, A3, and A4. (b) Conjecture a general formula for An, n Z+, and establish your conjecture by the Principle of Mathematical Induction. Let A 1

Q:

What is the awnser for A 2 in this problem roblems 3 of 3 1 . 9 3 2 6 empt in Progress the following information for Concord Inc. for the month ended October 3 1 , 2 0 2 7 . Concord uses a periodic...

Q:

CT Corp Comprehensive Question Canadian Tire Corporation, Limited ( Canadian Tire ) is a family of companies that includes a retail segment and a financial services division, among others. The retail...

Q:

1 Does it surprise you that vacation time is not mandated in the United States but is mandated in most other wealthy nations? Do you think that Americans would be more or less productive if they had...

Q:

Have you ever been involved in a mentoring relationship? If so, did you find that this relationship benefited you in any way? Did it benefit your organization as well? How would you describe the...

Q:

A Do you think that organizations benefit more from having employees work face to face or from having employees work from home? Does it have to be one way or the other?