By Tim Wilson
May 03, 2010
You would think that of all people, the developers of the UK's
Cybersecurity Challenge website would be the most scrupulous about
finding security vulnerabilities before they happen. But according to
researchers, cross-site scripting (XSS) flaws happen to them, too.
According to a report on the Netcraft security site, an XSS
vulnerability already has been uncovered on the Cyber Security Challenge
UK website, before the site has even been made ready for candidates to
The Cybersecurity Challenge was established by a management consortium
of key figures in cyber security, and is designed to test the mettle of
The simple coding error was demonstrated a short while ago by James
Wheare, according to the report. Wheare told Netcraft that he was
prompted to look for the hole after reading a friend's tweet, and
noticed insufficient encoding in the page's tags.
Best Selling Security Books and More!
Shop InfoSec News