ITDITD Web Security Platform

Tag: vulnerability (7 articles)

2026-06-08

What is CSRF (Cross-Site Request Forgery) — making a logged-in user act without meaning to

CSRF makes a logged-in user's browser send an unintended action, abusing the browser's habit of auto-attaching cookies. The real defense is CSRF tokens plus SameSite cookies. Never use GET for state changes.

2026-06-08

What is SQL injection (SQLi) — when input rewrites your database's commands

SQLi is when input is read as 'part of the command' rather than as data, changing a query's meaning — leading straight to data being read, altered or deleted. The real defense is to stop string-concatenating SQL and pass values via placeholders (prepared statements).

2026-06-08

What is XSS (Cross-Site Scripting) — code running in someone else's browser

XSS makes an attacker-supplied string run 'as script' in another user's browser — straight to session theft and impersonation. The real defense is escaping on output. Don't disable your framework's auto-escaping.

2026-06-07

What is a CVE — the shared 'jersey number' for vulnerabilities

A CVE is a globally shared ID for a vulnerability (e.g. CVE-2025-12345). CVE = the name, CVSS = severity, KEV = is it exploited. It's the anchor for monitoring. Track it with machines, not by hand.

2026-06-07

What is CVSS — the severity score and how it's actually scored

CVSS rates severity 0.0–10.0. The score is computed from defined metrics (attack vector, complexity, privileges, user interaction, scope, CIA impact) through a public formula — not a guess. Know the rubric and you can read what a 10.0 means. Still, prioritize with KEV (is it exploited) and whether you use it.

2026-06-07

What is SSRF (Server-Side Request Forgery)

SSRF abuses external-input URLs to make a server hit internal resources (internal IPs, cloud metadata). If you fetch URLs, you need an allowlist of destinations, internal-target blocking, and to close redirect/DNS-rebinding gaps. It was the entry point of the Capital One breach.

2026-06-07

What is RCE (Remote Code Execution) — why it's the worst class of bug

RCE lets an attacker run arbitrary code on your server — straight to takeover, the worst class. The blast radius is set by the running process's privileges. The core defenses are fast patching, CVE monitoring, and least privilege.