xanix
Advanced
- Joined
- 20.10.20
- Messages
- 110
- Reaction score
- 892
- Points
- 93
Google announced the launch of a knowledge base with information about a class of vulnerabilities, XS XS-leaks. These vulnerabilities are related to incorrect use of the usual behavior of the web platform by modern web applications, which leads to leakage of information about the user or information that the user entered into other web applications.
XS-security is designed to help the information security community better understand these issues and strengthen protection. In fact, Google invites security researchers to help expand their knowledge base and share details about new attacks and defenses.
The XS leak site is AVAILABLE ON xsleaks. dev and contains information about the causes leading to cross-site leaks. It includes a small article with a detailed description of each site leak, p, p, PoC-P.
The knowledge base will also help web developers understand how browser security mechanisms can protect applications from cross-site leaks.
"Each attack described in the wiki is accompanied by an overview of the security features that can prevent or mitigate it. The knowledge base is designed to effectively provide guidance to help developers implement new browser security features, such as fetching metadata request headers, Cross-origin policy opener, Cross-origin resource policy, and SameSite cookies," Google explained.
XS-security is designed to help the information security community better understand these issues and strengthen protection. In fact, Google invites security researchers to help expand their knowledge base and share details about new attacks and defenses.
The XS leak site is AVAILABLE ON xsleaks. dev and contains information about the causes leading to cross-site leaks. It includes a small article with a detailed description of each site leak, p, p, PoC-P.
The knowledge base will also help web developers understand how browser security mechanisms can protect applications from cross-site leaks.
"Each attack described in the wiki is accompanied by an overview of the security features that can prevent or mitigate it. The knowledge base is designed to effectively provide guidance to help developers implement new browser security features, such as fetching metadata request headers, Cross-origin policy opener, Cross-origin resource policy, and SameSite cookies," Google explained.