Tag Archives: security

W3C Password Reset

As part of improving its infrastructure, W3C arranged an extensive penetration test by the security consulting firm Cure53. They found several different types of vulnerabilities, including SQL Injection (SQLi). The W3C Systems Team determined these were used to gain unauthorized access to its user database and to harvest encrypted passwords. Since there is potential (with […]

When Widgets Go Wrong

Widgets provide front-ends to all kinds of information sources on the Web; several thousand are available for download. Obviously, the use of Web technologies has been a huge success here, enabling people to adapt their programming experience from the Web to their local platform. With the Web programming platform, though, come the Web's programming practices and security issues, sometimes with more serious consequences than before.