
Other technical flaws on the up include HTTP response splitting and SQL injection, the research suggests.
HTTP response splitting has been underestimated and has evaded most corporate scanning technology since its discovery several years ago, according to WhiteHat.
“These statistics continue to reveal recurring and emerging issues that are affecting websites,” Jeremiah Grossman, founder and chief technology officer at Whitehat Security, said in the report.
“The first step towards stemming the onslaught of attacks is thorough understanding of the nature of the problem,” he added.
WhiteHat Security is a website vulnerability management services company.