Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?
Gallup’s XSS Woes: Vulnerabilities Patched Amid Election Season Drama
Gallup rushed to patch cross-site scripting vulnerabilities on its website during election season. These XSS flaws, reported by Checkmarx, didn’t compromise internal data but highlighted the need for better query string sanitization.
Hot Take:
Gallup might have been caught off-guard by some cross-site scripting (XSS) vulnerabilities, but at least their polls are still secure! Maybe they should start polling their cybersecurity team about best practices.
Key Points:
- Gallup rushed to patch two XSS vulnerabilities in their website over the summer.
- First flaw: A reflected XSS bug with a CVSS score of 6.5 out of 10.
- Second flaw: A DOM-based XSS vulnerability with a CVSS score of 5.4.
- The vulnerabilities did not impact Gallup’s internal data or polling.
- Multiple updates and corrections were made to the original news report due to disputed research claims.
Already a member? Log in here