Lesson 2: Cross-site Scripting (XSS) and Insecure Direct Object References

Cross-site Scripting (XSS) and Insecure Direct Object ReferencesThis E-Commerce Security Course second lesson covers the following:

  1. Cross-site Scripting (XSS)
  2. Insecure Direct Object References

This lesson is conducted in partnership with Isaac Sabas and Jonathan Mantua of Pandora Security Labs. (offers advance IT security training and provider of WebRanger – an online security monitoring and attack blocking service.)

(Should you encounter a “secure connection failed” message in any of the video embedded, just click on the “try again” button to load it.)

WARNING: STUDENTS PARTICIPATING IN THIS PROGRAM SHOULD USE THE KNOWLEDGE AND INSIGHTS GAINED IN A RESPONSIBLE MANNER. Probing and attacking websites, whether successful or not, is a CYBERCRIME and will make you liable under the E-Commerce Law, CyberCrime Law, and Data Privacy Law.

Cross-Site Scripting (XSS)

Insecure Direct Object References