OWASP (Open web application security project) just came out with their OWASP PHP Top 5 vulnerabilities list.  It details a number of what they consider to be the highest priority security vulnerabilities for PHP.  Coming in at number two was cross site scripting.  On the document it says that it was the research behind the PHP section of the SANS top 20, however cross site scripting was not named at all in that document.  It’s interesting to see how these lists evolve, based on the number of vulnerabilities are documented in a year’s time.  I wouldn’t expect this to do anything but grow!

This entry was posted on Monday, June 26th, 2006 at 2:58 pm and is filed under XSS, Webappsec. You can leave a response as well.