Commit fd0eb3a

committed

security

1 parent 91d4394 commit fd0eb3aCopy full SHA for fd0eb3a

File tree

+11

-0

lines changed

+11

-0

lines changed

100644100755

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -8,6 +8,7 @@`
`8`	`8`	`- [Stack](https://github.com/ankurjuneja/React-Java-Concepts/blob/master/DataStructures/Stack.md)`
`9`	`9`	`- [Multithreading](https://github.com/ankurjuneja/React-Java-Concepts/blob/master/Java/Multithreading.md)`
`10`	`10`	`- Web`
	`11`	`+ - [Security](https://github.com/ankurjuneja/React-Java-Concepts/blob/master/Web-Issues-And-Monitoring/ApplicationSecurity.md)`
`11`	`12`	`- [Common Issues](https://github.com/ankurjuneja/React-Java-Concepts/blob/master/Web-Issues-And-Monitoring/Common.md)`
`12`	`13`	`- [Concepts](https://github.com/ankurjuneja/React-Java-Concepts/blob/master/Web-Issues-And-Monitoring/Concepts.md)`
`13`	`14`

Lines changed: 10 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,10 @@`
	`1`	`+SQL injection`
	`2`	`+- what? insertion/injection of a sql query via the input data from the client/UI to the application/backend.`
	`3`	`+- harm - attacker can read/modify sensitive data in database, execute administration operations on db.`
	`4`	`+- how to prevent? use of prepared statements, use of stored procedures, allow-list input validation and`
	`5`	`+ escaping all user-supplied input.`
	`6`	`+`
	`7`	`+XSS`
	`8`	`+- what?`
	`9`	`+ - type of injection attack in which attacker uses a web application to send malicious code to a different user.`
	`10`	`+ - attacker uses XSS to send malicious script to an unsuspected user.`

Comments

(0)