Web servers and web-based applications are increasingly
vulnerable to cross-site scripting attacks, internet security firm
NTA Monitor has warned. Its research has found that attacks are
beginning to appear on social networking sites and
forums.
Roy Hills, technical director at NTA Monitor, said, "Attackers
are creating websites in which they embed malicious code to track a
visitor's searches, user names and passwords. The code can affect a
visitor's PC without their knowledge and can quickly spread to
other visitors' machines."
Cross-site scripting can occur when information submitted by users
is not properly stripped of HTML tags, enabling an attacker to
embed malicious code on a website, Hills said.
"When the website is accessed, the code will execute code in a
user's browser. A user may be redirected to a fake website or have
their log-in or user information compromised. In the worst cases,
users' computers can be compromised."
It can be difficult to identify the malicious code, as browsers
do not identify malware.
Hills said IT directors should ensure that staff run
anti-spyware and anti-malware programs, and undertake regular
penetration testing.
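
The failure described above, user-submitted text reaching a page with its HTML intact, is shown here as an added example that is not from NTA Monitor or the original article. The comment template, function names and sample input are constructed for illustration. The example goes one step beyond tag stripping: it compares raw output, tag stripping and output encoding, then audits each rendered page for markup the template did not produce.

```python
import html
import re
from html.parser import HTMLParser

# Hypothetical comment template: one value lands in an attribute, one in element text.
TEMPLATE = '<div class="comment"><span title="{author}">{body}</span></div>'
TAG_RE = re.compile(r"<[^>]*>")

def render_raw(author, body):
    """Vulnerable: user input is pasted into the markup unchanged."""
    return TEMPLATE.format(author=author, body=body)

def render_tag_stripped(author, body):
    """Still vulnerable: removing <...> runs does nothing in attribute context."""
    return TEMPLATE.format(author=TAG_RE.sub("", author), body=TAG_RE.sub("", body))

def render_escaped(author, body):
    """Hardened: encode &, <, >, " and ' so input can only ever be text."""
    return TEMPLATE.format(author=html.escape(author, quote=True),
                           body=html.escape(body, quote=True))

class MarkupAudit(HTMLParser):
    """Records any tag or attribute that the template itself does not produce."""
    ALLOWED_TAGS = {"div", "span"}
    ALLOWED_ATTRS = {"class", "title"}

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in self.ALLOWED_TAGS:
            self.findings.append("tag:" + tag)
        for name, _ in attrs:
            if name not in self.ALLOWED_ATTRS:
                self.findings.append("attr:" + name)

def audit(fragment):
    """Parse a rendered fragment and return the unexpected markup found in it."""
    parser = MarkupAudit()
    parser.feed(fragment)
    parser.close()
    return parser.findings

# Constructed sample input, not taken from the article.
AUTHOR = 'bob" onmouseover="alert(1)'
BODY = "Nice post <script>alert(1)</script>"

if __name__ == "__main__":
    for render in (render_raw, render_tag_stripped, render_escaped):
        print(render.__name__, audit(render(AUTHOR, BODY)))
```

The same audit can run as a regression test over rendered pages, so a template change that drops the encoding step is caught before release.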