The IT Law Wiki

Web injection

32,062pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Web injection is

[a] type of security exploit in which the attacker adds code to a Web form input box to gain access to resources or make changes to data. Input boxes are typically for user authentication, however most Web forms have no mechanisms in place to block input other than names and passwords. Unless such precautions are taken, an attacker can use the input boxes to send their own request to the database, which could allow them to download the entire database or interact with it in other illicit ways.[1]

References Edit

  1. Best Practices to Address Online and Mobile Threats, at 48.

Also on Fandom

Random Wiki