A
ActiveX Control
A software component of
Microsoft Windows that can be used to create and distribute small applications through
Internet Explorer.
ActiveX controls can be developed and used by software to perform functions that would otherwise not be available using normal
Internet Explorer capabilities. Because
ActiveX controlscan be used to perform a wide variety of functions, including downloading and running programs, vulnerabilities discovered in them may be exploited by malware. In addition, cybercriminals may also develop their own
ActiveX controls, which can do damage to a computer if a user visits a webpage that contains the malicious
ActiveX control.
Adware
A program that displays advertisements. While some
adware can be beneficial by subsidizing a program or service, other
adware programs may display advertisements without adequate consent.
Alert Level
An
alert level is assigned to particular malware by an analyst when adding detection. It is based on a calculation that takes into account the malware's ability to spread and potential to cause damage. The different
alert levels are explained here:
Alias
An alternative detection for particular malware. Generally this refers to detections of the same malware by other antivirus vendors; however, it may also refer to an alternative
Microsoft detection of the same malware. For rogue software, this may refer to the name it uses for its fake antivirus program.
API
Stands for "
Application Programming Interface". A set of routines that an application uses to interface to lower-level services.
APIs allow standard access to low-level programming functions, separating high-level programs from the need to understand the low-level programming required for each piece of hardware or service.
Authenticated user
Refers to a user who is logged in, with the correct credentials, anywhere within a network.
Authentication bypass
A vulnerability in which malicious people can bypass certain authentication mechanisms of the application, thereby possibly gaining access to the application without the proper credentials.
B
Backdoor Trojan
A type of trojan that provides attackers with remote unauthorized access and control of infected computers.
Bots are a subcategory of
backdoor trojans (see
botnet).
Behavior
A type of signature created based on certain file
behaviors that are often associated with malicious activity.
Bot
A malicious program installed on a computer that is part of a
bot network (
botnet).
Bots are generally backdoor trojans that allow unauthorized access and control of an affected computer. They are often controlled via
IRC from a centralized location (although other models of command and control exist). See
botnet.
Botnet
A set of computers controlled by a "
command and control" computer to execute commands as directed. The "
command and control" computer can issue commands directly (often through
Internet Relay Chat, or
IRC) or by using a decentralized mechanism, like
peer-to-peer (
P2P) networking.
Browser Helper Object
A
Browser Helper Object or
BHO is a
DLL file that acts as a plugin for
Internet Explorer. A
BHO may have a visible presence in the browser, such as a toolbar. A corresponding
CLSID is assigned to each
BHO under the "
Browser Helper Objects" subkey in the registry; deleting the
CLSID key prevents the
BHO from loading..
Browser Modifier
A program that changes browser settings, such as the home page, without adequate consent. Also includes
browser hijackers.
Brute Force
A type of attack in which the attacker attempts to gain access to a system by guessing a correct set of credentials; this is usually done in an automated fashion using an application or an algorithm.
Buffer overflow
An error in an application in which the data written into a
buffer exceeds the current capacity of that
buffer, thus overwriting adjacent memory. Because memory is overwritten, this may result in unreliable program behavior, and in certain cases, allow arbitrary code to run.
C
CAPTCHA
Stands for "
Completely Automated Public Turing test to tell Computers and Humans Apart". A
CAPTCHA is a challenge meant to be easily solvable by humans, while remaining too hard to be economically solved by computers. An example of
CAPTCHA seen widely on websites is a distorted image of letters and numbers. The user is required to interpret the image and type the response.
Cavity Infection
A
cavity-infecting virus is a virus that infects files by inserting its code into space that does not appear to be used within the targeted host file. In this way, it is able to infect files without increasing the affected file's size, thus is less likely to be noticed by an affected user. By looking for space that appears to be unused within the targeted host file, and inserting its own code in to this space, the cavity infection (in comparison to other parasitic infections) minimizes modification to a host file structure (mainly the file's size), and thus may avoid suspicion. This method of file infection, as with parasitic infections in general, is less common in the wild today than it was the past. By inadvertently overwriting spaces which are in use, cavity infecting viruses, as with other parasitic file infectors, may irretrievably corrupt files when attempting to infect them.
Clean
To remove malware or potentially unwanted software from an infected computer. A single cleaning can involve multiple
disinfections.
Clean File
A file that has been determined to be neither malicious, nor potentially unwanted.
Cookie
An
HTTP cookie, also called a tracking
cookie, is a piece of text sent by an accessed server to the accessing browser. From then on, every time the browser accesses the server again, that particular
cookie is sent back, in a way to "identify" the browser and its past behavior.
Cookies are often used by online shopping sites to keep track of the browser's (and therefore potentially the user's) shopping habits and to better suggest items that the user may also be interested in purchasing. Depending on which server the
cookie belongs to, a
cookie may contain sensitive information. However,
cookies may be read (and the information stored in them "stolen") by malware.
Cross-site Request Forgery (CSRF or XSRF)
A website exploit in which unauthorized commands from an attacker are executed by a website under the guide that the attacker is in fact a trusted user. It involves websites that rely on a user's credentials, and in which an attacker exploits a website's trust in those credentials.
Cross-site Scripting
An attack technique wherein an attacker inserts malicious
HTML and
JavaScript into a vulnerable webpage, often in an effort to distribute malware or to steal sensitive information from the website or its visitors. Despite the name,
cross-site scripting (XSS) does not necessarily involve multiple websites. Persistent
cross-site scripting involves inserting malicious code into a database used by a web application, potentially causing the code to be displayed for large numbers of visitors.
Cryptor
A tool that may be used, legitimately, or illegitimately, to protect an application from being reverse-engineered, or otherwise analyzed. These tools use encryption to obfuscate the content of an application, often for the purposes of avoiding detection and hindering analysis.
Cybersquatting
The act of registering, trafficking in, or using a domain name with bad-faith intent to profit from the goodwill of a trademark belonging to someone else. Also known as "
typosquatting".
D
DDoS
Stands for
Distributed Denial of Service – see
Denial of Service. Considerable resources may be required to exhaust a target computer and cause it to fail to respond. Often multiple computers are used to perform these types of malicious attack and increase the attack's chances of success. This can occur, for example, when a number of compromised computers, such as those that comprise a
botnet, are commandeered and ordered to access a target network or server over and over again within a small period of time.
Definition
A set of
signatures that can be used to identify malware using antivirus or antispyware products. Other vendors may refer to definitions as DAT files, pattern files, identity files, or antivirus databases.
Dialer
A program that makes unauthorized telephone calls. These calls may be charged at a premium rate and attract an unexpectedly high cost to the user.
Disinfect
To remove malware or potentially unwanted software from a computer, or to restore functionality to an infected program. Compare to
Clean.
Domain authentication
An action by which the user is checked and verified to be a member of a specific domain that he is trying to access.
DoS
Stands for
Denial of Service. A condition that occurs when the resources of a target computer are deliberately exhausted, effectively overwhelming the computer and causing it to fail to respond or function for its intended users. There are a number of different types of attack that may be used to result in a denial of service condition, utilizing different types of flood, or malformed network traffic.
Double-free Condition
Occurs when a program frees up memory twice on the same address before that memory has been reused. This can lead to modifying certain memory locations, and thus unpredictable program behavior and in some instances may allow an attacker to gain control of the program.
Downloader
A type of trojan that downloads other files, which are usually detected as other malware, onto the computer. The
Downloader needs to connect to a remote host to download files, compared to a
Dropper, which already contains the files in its malware package. See
Trojan Downloader/Dropper.
Drive-by Download
Refers to the unintentional download of certain programs from the Internet. This may be because of a lack of user understanding (such as agreeing to
EULAs without reading through them), or an automated download of certain programs in accordance with the program developer's design. In the wild, malware has been observed to exploit certain browser vulnerabilities to perform drive-by downloading of arbitrary files.
Dropper
A type of trojan that drops other files, which are usually detected as other malware, onto the computer. The file to be dropped is included as part of the dropper package, compared to a
Downloader, which needs to connect to the Internet to download files. See
Trojan Downloader/Dropper.
E
EICAR
Acronym for "
European Institute for Computer Antivirus Research".
EICAR.COM is a test file that is used to see if antivirus software is installed and functioning properly. For additional information about
EICAR, please visit the
EICAR website.
Encryption
Encryption is the method of transforming readable data into unreadable data for the purposes of secrecy. Once
encrypted, such data cannot be interpreted (either by humans or machines) until it is
decrypted.
Encryption is performed using an
encryption algorithm and a secret value called a 'key'.
Encrypted data generally cannot be
decrypted without knowledge of the secret 'key' or substantial resources. Malware may use
encryption to obfuscate its code (make its code unreadable), thus hoping to hinder its detection and removal from the affected computer. A common and simple
encryption technique used by malware is
XORing, in which the
Exclusive Or (XOR) computational operation is applied to each bit according to a given key. Malware may use
cryptors to
encrypt their code.
Exploit
Malicious code that attempts to exploit vulnerabilities in applications or operating systems.
F
Firewall
A program or device that monitors and regulates traffic between two points, such as a single computer and the network server, or one server to another.
Form grabbing
Form grabbing is the hooking of web browser APIs to intercept webform data, with the intent to steal authentication information or alter web content presented to the user.
G
Generic
A type of signature capable of detecting a large variety of malware samples from a specific family, or of a specific type.
H
Heap overflow
A type of
buffer overflow in which the overflow occurs in the heap data area. Memory in the heap is dynamically allocated; therefore successfully causing a heap overflow may overwrite internal structures, such as pointers.
Heuristics
A tool or technique that enhances the ability to identify certain, and potentially common, code patterns. This is useful for making, for example,
generic detections for a malware family.
Hijacking
A vulnerability in which a communication channel is taken over by an attacker; an example is when an attacker gains access to the user's browsing session.
Hoax
An email that warns users about imaginary malware (that is, that does not exist in reality).
Hoaxes tend to follow a fairly standard pattern - they are generally written in highly technical and emotive language and often describe highly destructive, irreversible payloads (that may be physically impossible).
Hoaxes also often appear to quote industry experts to claim legitimacy and they generally ask users to forward the message to as many people as possible.
Hosts file
A
Hosts file is a file that maps host names to IP addresses. It is used by a computer to resolve what IP address to go to when a user attempts to go to a certain URL. While this action can be done for legitimate purposes, such as blocking non-authorized websites in a corporate environment, the
Hosts file can also be edited for malicious purposes. Certain malware edit the
Hosts file so that when a user attempts to access a certain legitimate website, the browser is instead redirected to a malware site.
I
IFrames
Short for
inline frame, an
iFrame is an
HTML document that is embedded in another
HTML document. Because the
iFrame links to another webpage, it can be used by cybercriminals to place malicious
HTML content into non-malicious
HTML pages, for example in the form of a
JavaScript advertisement, which downloads and installs spyware, that is placed in a trusted website.
Improper authentication
Occurs when an application does not sufficiently validate that a user is who he says he is.
Improper authorization
Occurs when an application does not sufficiently validate the privileges or permissions of a user when he attempts to access a resource or perform a certain action.
Improper error handling
Occurs when an application does not properly handle errors encountered in execution; this includes returning to the application failing, the application performing an unexpected action, disclosing information because of the error, and so on.
Improper input validation
Occurs when an input to a form is not properly validated or sanitized, or is in a form that the application is not fit to handle correctly; this is a potential vulnerability if the improper validation allows unintentional actions to occur.
In-the-wild
Malware that is currently detected in active computers connected to the Internet, as compared to those confined to internal test networks, malware research laboratories, or malware sample lists.
Incorrect Detection
A type of detection in which a legitimate program may have been mistakenly classified as malware or spyware. If you would like to report an
incorrect detection, you can use the
Incorrect Detection Report Form or you can
submit a sample - be sure to indicate that you believe the submission should not be detected as malware by using the checkbox and adding a note in the comment box.
Infection
The act by a virus of inserting or adding its code to a file, thus enabling the file to spread virus code.
Information disclosure
A vulnerability in which information is made available, often inadvertently, by an application, either to users to whom the information should not be made available, or in a situation in which the information is not relevant.
Insufficient bounds
A condition which may lead to a
buffer overflow; this occurs when the boundaries for a container are too small for the data being written into it.
Insufficient validation
A condition in which the type of data written into a container is not checked properly, thus possibly causing errors in the program.
Integer overflow
Occurs when an integer value is incremented by an application until it becomes a value too large to fit in the current representation; this may be a problem when the integer value is used to determine the next step in the application, stores data, or is used to compute for a certain location in memory.
J
Joke Program
A program that pretends to do something malicious but actually does nothing harmful (for example, pretending to delete files or format disks).
K
Kill bit
A specific value for the
Compatibility Flags DWORD value for the
ActiveX control in the registry that, when set, means that the control is no longer called by
Internet Explorer at all unless the "
Initialize and script ActiveX controls not marked as safe" option is enabled in
Internet Explorer.
L
Least-privilege User Account (LUA)
A user account that normally runs with minimal privileges. See also:
User Account Control.
M
Macro Virus
A type of virus written as a macro for an application (such as
Microsoft Word or
Excel). A macro virus infects a file by replicating itself as a macro for that file, ensuring that when the file is opened, the virus is run.
Malformed input
A type of input that is not well-formed; that is, it is not of the expected format or contains invalid data.
Malware
Malicious software or potentially unwanted software installed without adequate user consent.
Malware Creation Tool
A
malware creation tool is a program that is used by attackers to generate malware. Such programs may be able to automatically produce malware files according to specifications provided by the attacker.
Man-in-the-middle (MITM) attack
A form of eavesdropping in which the attacker positions herself figuratively in the middle of two parties. These parties are under the assumption that they are communicating with each other when in fact the attacker is relaying messages from one party to another without their knowledge. This gives the attacker an opportunity to manipulate or gather the messages as she sees fit.
Memory Reallocation
A condition in which memory is reused and overwritten before the previous data written into it was used; if the new data is unexpected, this may cause errors in the program.
Memory Resident
A threat is termed as "
memory resident" if it continues to run and the space it occupies in memory is not freed for use by another program. A
memory-resident threat persists in memory and usually cannot be terminated unless the computer is restarted.
Monitoring Software
Commercially available software that monitors activity, usually by capturing keystrokes or screen images. It may also include network-sniffing software.
Mutex
Stands for
Mutual Exclusion Object, a programming object that may be created by malware to signify that it is currently running in the computer. This can be used as an infection '
marker' in order to prevent multiple instances of the malware from running in the infected computer, thus possibly arousing suspicion.
N
Network Packet
A unit of data carried over a network; it typically has two parts – control and payload – the former which serves to identify the manner in which the latter is delivered.
Non-persistent XSS
A type of
cross-site scripting in which the server does not properly sanitize the browser's rendering of certain characters based on a client's input, and renders it back in the HTTP response.
P
Packer
A program that allows a user to package or bundle a file. This may be used by malware authors to obfuscate the structure of a malware file and thus avoid detection, as packing a single file using different packers results in different packages.
Password Stealer
A
password stealer (PWS) is malware that is specifically used to transmit personal information, such as user names and passwords. A
PWS often works in conjunction with a keylogger, which sends key strokes and/or screenshots to an attacker.
Payload
The malware's purpose other than propagation (in the case of viruses and worms). The actions conducted by a piece of malware for which it was created. This can include, but is not limited to, downloading files, changing computer settings, displaying messages, logging keystrokes, and so on.
Persistent XSS
A type of
cross-site scripting in which the malicious script is stored in a server and is rendered when the application is called or the webpage in which it is hosted is browsed to.
Phishing
A method of identity theft that tricks Internet users into revealing personal or financial information online.
Phishers use phony websites or deceptive email messages that mimic trusted businesses and brands to steal
personally identifiable information (PII), such as user names, passwords, credit card numbers, and identification numbers.
Pipe
A conceptual channel that facilitates the feeding of the input from one process into another.
Polymorphic
A
polymorphic virus is a virus that can mutate its structure to avoid detection by antivirus programs. It can mutate usually by changing a variable or variables in its code without changing its overall algorithm.
Potentially Unwanted Software
A program with potentially unwanted behavior that is brought to the user's attention for review. This behavior may impact the user's privacy, security, or computing experience.
Privilege Elevation
A vulnerability in which a user is able to perform tasks beyond the scope of the credentials with which he is logged in with.
Proof-of-Concept Code
Proof-of-Code (PoC) is code that is developed to demonstrate the viability of a particular method of attack. This can include code that is created to illustrate how a particular software vulnerability can be exploited, or even malware created to illustrate how a particular platform can be utilized, or file format infected.
Proxy Server
A
proxy server is a type of server that facilitates requests to other servers on behalf of the client. A
proxy server can be configured to alter the client's request, or the server's response.
Proxy servers can be used to filter content, store content in a cache for frequent requests, anonymize the client from which the request is coming from, and so on.
R
Ransomware
Ransomware is a type of
malware that prevents use of a computer or access to the data that it contains until the user pays a certain amount to a remote attacker (the "
ransom"). Computers that have
ransomware installed usually display a screen containing information on how to pay the "
ransom". A user cannot usually access anything on the computer beyond the screen.
Reinfection
When a computer becomes infected after having previously been cleaned or disinfected.
Reinfection typically occurs when a user repeats usage patterns without completely updating the computer's antimalware protection during the disinfection process.
Remote Code Execution (RCE)
A situation in which an attacker is able to execute arbitrary code without having physical access to the target system.
Remote Control Software
A program that provides access to a computer from a remote location. These programs are often installed by the computer owner or administrator, and are only a risk if unexpected.
Remote Procedure Call (RPC)
An interprocess communication mechanism that enables data exchange and invocation of functionality residing in a different process; that process can be on the same computer, on the local network, or on the Internet.
Resident
Malware is
resident if it continuously runs in the computer. Malware may make itself, or a copy of itself, resident by making computer changes that automatically set it to run when the computer starts up.
Rogue Security Software
Software that appears to be beneficial from a security perspective but which provides limited or no security capabilities, generates a significant number of erroneous or misleading alerts, or which may attempt to socially engineer the user into participating in a fraudulent transaction. If you would like to confirm if a program is a
rogue, you can
submit a sample to the
MMPC for analysis.
Rootkit
A program whose main purpose is to perform certain functions that cannot be easily detected or undone by a system administrator, such as hide itself or other malware.
S
Script (malware)
A type of malware that is written using a
scripting language. Common forms of
scripting language include
JavaScript,
HTML, and
Visual Basic.
Security Bypass
A vulnerability in which a user is able to bypass security measures of an application.
Sender ID Framework
An
Internet Engineering Task Force (IETF) protocol developed to authenticate email to detect spoofing and forged email with the typical tactic to drive users to phishing websites and to download malicious software.
Settings Modifier
A program that changes computer settings with or without the user's knowledge.
Shell
The command interpreter that is used to pass commands to the operating system.
Shellcode
Code used as the payload when a software vulnerability is exploited. Exploitation may result in the attacker starting a command
shell, from which he or she can control the compromised computer, hence the term "
shellcode".
Signature
A
signature is a set of characteristics that can identify a malware.
Signatures are used by antivirus and antispyware products to determine if a file is malicious or not.
Social Engineering
A technique that defeats security precautions in place by exploiting human vulnerabilities.
Social engineering scams can be both online (such as receiving email messages that ask you to click on the attachment, which is actually malware) and offline (such as receiving a phone call from someone posing as a representative from your credit card company. Regardless of the method selected, the purpose of a
social engineering attack remains the same - to get the targeted user to perform an action of the attacker's choice.
Software Bundler
A program that installs other potentially unwanted software, such as
adware or
spyware. The license agreement of the bundling program may require these other components to function.
Spam
Bulk unsolicited email. Malware authors may use spam to distribute malware, either by attaching the malware to the message, or by sending a message containing a link to the malware. Malware may also harvest email addresses for spamming from compromised computers, or may use compromised computers to send
spam from.
Spam Run
A
spam run is the term for a round of released spam. It may be used to refer to a single course of
spam, for example, from the same servers, or
spam that revolve around a common periodic theme, for example,
Valentine's Day spam.
Spammer
A
spammer is a
trojan that sends large volumes of unsolicited email. It may also pertain to the person or entity responsible for sending out the unsolicited email messages.
Spoof
A type of attack where the source of a message (say, in an email message or on a webpage) is falsified to appear to come from a trusted third party. For example, malware authors often distribute malware via email that appears to come from a legitimate and trusted source.
Spoofer
A
spoofer is a
trojan that attempts to create fake email headers and other protocols that can be spoofed.
Spoofing
A vulnerability in which a user is able to mimic another user or system; for websites, this term pertains to when a website copies the same look and feel of another in order to trick users into mistaking one for the other.
Spyware
A
Spyware detection describes a program that collects information, such as the websites a user visits, without adequate consent. Installation may be without prominent notice or without the user's knowledge. A
TrojanSpy detection describes a trojan that has spyware capabilities.
SQL Injection
A technique in which an attacker enters a specially crafted
Structured Query Language (SQL) statement into an ordinary web form. If form input is not filtered and validated before being submitted to a database, the malicious
SQL statement may be executed, which could cause significant damage or data loss.
Stack-based buffer overflow
The more common type of
buffer overflow in which the overflow occurs when a program writes to memory addresses outside of the
buffer, usually fixed in size. As a result, data adjacent to the stack is overwritten, and may be exploited to allow arbitrary code to be executed.
Stealth
A method of hiding the presence of a threat, file or process. One form of
stealth involves redirecting requests or attempts to view malicious files or code to an otherwise innocent location in a file or process.
T
Tool
A
Tool detection is used for software that may have a legitimate purpose, but which may be abused by malware authors or attackers. A
Hacktool detection is used for tools that have been designed more explicitly with malware authors or attackers in mind. A
Virtool detection is used mostly for malware components, or tools that perform malware-related actions, such as
rootkits.
Trojan
A malicious application that is unable to spread of its own accord. Historically, the term has been used to refer to applications that appear legitimate and useful, but perform malicious and illicit activity on an affected computer.
Trojan Clicker
A
trojan clicker is a type of trojan that clicks. This could include
trojans that initiate the installation of another program by clicking through dialog boxes in an installer program, however, it is more often applied to trojans that may be used to generate revenue by clicking on online advertisements or to increase web traffic to targeted sites.
Trojan clickers can also be used to skew online polls (for any number of different reasons) and to add the appearance of legitimacy to sites that host potentially unwanted software, by making the applications they push appear to be more popular than they actually are.
Trojan Downloader/Dropper
A form of trojan that installs other malicious files to the infected computer either by downloading them from a remote computer or by dropping them directly from a copy contained in its own code.
Trojan Proxy
A
trojan proxy is a type of trojan that installs a
proxy server on a computer. A
proxy server installed by a trojan can be configured so that all Internet requests made by the infected computer are routed via the
proxy server to an attacker-controlled server.
Typosquatting
A form of
cybersquatting where someone registers a domain name of a highly visited website, except with typographical errors (for example,
microsooft.com). Also known as
cybersquatting.
U
Unchecked Buffer
A condition in which the data written into a
buffer is not validated; this may cause errors in the program when the data in the
buffer is read.
Uninitialized Memory
Memory space that contains uninitialized value, which may leave the memory space in an unexpected state with it is accessed or used.
Uninitialized Pointer
A pointer that contains an uninitialized value, which might not point to a valid memory location and result in the application trying to read or write from this invalid location.
Uninitialized Variable
A variable that has not been initialized, which may lead to unexpected results if an application calls that variable at that time.
Unrestricted upload of a file with a dangerous type
A type of vulnerability in which the software allows an attacker to upload files of a dangerous type, in which "dangerous" means that the file is automatically processed and executed.
Use After Free
A situation in which memory is referenced after it has been freed, or expunged of its previous values; this can cause the application to fail, behave unexpectedly.
User Account Control
With
User Account Control (or
UAC, formerly known as
"Least-privilege User Account," or
LUA) enabled, interactive administrators normally run with least user privileges, but they can self-elevate to perform administrative tasks by giving explicit consent with the Consent
UI. Such administrative tasks include installing software and drivers, changing system-wide settings, viewing or changing other user accounts, and running administrative tools.
User elevation
A process in which a user acquires higher privileges than those assigned by default.
V
Virtual Machine
A computer within a computer, implemented in software. A
virtual machine emulates a complete hardware system, from processor to network card, in a self-contained, isolated software environment, enabling the simultaneous operation of otherwise incompatible operating systems. Each operating system runs in its own isolated software partition.
Virus
Malware that replicates, commonly by infecting other files in the computer, thus allowing the execution of the malware code and its propagation when those files are activated. Other forms of
viruses include
boot sector viruses and replicating
worms.
Vulnerability
A flaw, error, or poor coding technique in a program that may allow an attacker to exploit it for a malicious purpose.
W
WildList
Worm
- Email programs
- Instant Messaging programs
- File-sharing programs
- Social networking sites
- Network shares
- Removable drives with Autorun enabled
- Software vulnerabilitiesX
XML Injection
A type of vulnerability in which the application does not properly neutralize special
XML elements, which may allow an attacker to change the
XML file.
XSS
See
cross-site scripting.
Aucun commentaire:
Enregistrer un commentaire