As many as 90 per cent of websites have serious vulnerabilities that make them a target for online attacks, according to research by WhiteHat Security.The quarterly report shows that cross-site scripting (XSS) was the most prevalent problem, appearing in three quarters of sites, followed by information leakage that was found in 53 per cent of websites.
Other technical flaws on the up include HTTP response splitting and SQL injection, the research suggests.
HTTP response splitting has been underestimated and has evaded most corporate scanning technology since its discovery several years ago, according to WhiteHat.
“These statistics continue to reveal recurring and emerging issues that are affecting websites,” Jeremiah Grossman, founder and chief technology officer at Whitehat Security, said in the report.
“The first step towards stemming the onslaught of attacks is thorough understanding of the nature of the problem,” he added.
WhiteHat Security is a website vulnerability management services company.