Two recent studies have cast some light on the current state of web application security. How bad is it out there? Bad. 82% of web sites had either a Critical, High, or Urgent vulnerability within the past calendar year, with Cross-Site Scripting being the most prevalent.
Once upon a time, Cross-Site Scripting was viewed as little more than an annoyance. As the use