The quarterly report shows that cross-site scripting (XSS) was the most prevalent problem, appearing in three quarters of sites, followed by information leakage that was found in 53 percent of websites.
Other technical flaws on the up include HTTP response splitting and SQL injection, the research suggests.
HTTP response splitting has been underestimated and has evaded most corporate scanning technology since its discovery several years ago, according to WhiteHat.
“These statistics continue to reveal recurring and emerging issues that are affecting websites,” Jeremiah Grossman, founder and chief technology officer at Whitehat Security, said in the report.
“The first step towards stemming the onslaught of attacks is thorough understanding of the nature of the problem,” he added.
WhiteHat Security is a website vulnerability management services company.
Nine out of ten websites are at risk
By Fiona Raisbeck on Oct 17, 2007 9:39AM