A talk about Cross-Site Scripting (XSS) in 2023? The mitigated unmitigated vulnerability.
12-09, 11:00–11:15 (Europe/London), Rookie track

Despite the multiple mitigations available to defend against Cross-Site Scripting (XSS) attacks, it remains a common vulnerability in 2023. This presentation aims to provide testers with a few methodological considerations when examining web applications for XSS vulnerabilities. Examples will be inspired by real life security assessments. The presentation will then conclude with a suggested layered defence-in-depth approach to mitigating XSS attacks.

Cybersecurity professional with a background in Marketing and Software Development.