aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJordan Sitkin <jordan@fiftyfootfoghorn.com>2017-08-22 13:43:50 -0700
committerJordan Sitkin <jordan@fiftyfootfoghorn.com>2017-08-22 13:43:50 -0700
commitf7d088645ed1a31c9786a4834ca8d7b205153ecc (patch)
tree18a4aa3f9b84a26a2dc16aae587fca053e3341ab
parent665ac7cff212d010a3573f85cea895666fbaad15 (diff)
downloadrails-f7d088645ed1a31c9786a4834ca8d7b205153ecc.tar.gz
rails-f7d088645ed1a31c9786a4834ca8d7b205153ecc.tar.bz2
rails-f7d088645ed1a31c9786a4834ca8d7b205153ecc.zip
Grammar fix
Changed the phrase '... and many more high targets' to '... and many more high _profile_ targets'
-rw-r--r--guides/source/security.md2
1 files changed, 1 insertions, 1 deletions
diff --git a/guides/source/security.md b/guides/source/security.md
index 7736a4b224..d0d7e12b0a 100644
--- a/guides/source/security.md
+++ b/guides/source/security.md
@@ -687,7 +687,7 @@ The most common entry points are message posts, user comments, and guest books,
XSS attacks work like this: An attacker injects some code, the web application saves it and displays it on a page, later presented to a victim. Most XSS examples simply display an alert box, but it is more powerful than that. XSS can steal the cookie, hijack the session, redirect the victim to a fake website, display advertisements for the benefit of the attacker, change elements on the web site to get confidential information or install malicious software through security holes in the web browser.
-During the second half of 2007, there were 88 vulnerabilities reported in Mozilla browsers, 22 in Safari, 18 in IE, and 12 in Opera. The [Symantec Global Internet Security threat report](http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xiii_04-2008.en-us.pdf) also documented 239 browser plug-in vulnerabilities in the last six months of 2007. [Mpack](http://pandalabs.pandasecurity.com/mpack-uncovered/) is a very active and up-to-date attack framework which exploits these vulnerabilities. For criminal hackers, it is very attractive to exploit an SQL-Injection vulnerability in a web application framework and insert malicious code in every textual table column. In April 2008 more than 510,000 sites were hacked like this, among them the British government, United Nations, and many more high targets.
+During the second half of 2007, there were 88 vulnerabilities reported in Mozilla browsers, 22 in Safari, 18 in IE, and 12 in Opera. The [Symantec Global Internet Security threat report](http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xiii_04-2008.en-us.pdf) also documented 239 browser plug-in vulnerabilities in the last six months of 2007. [Mpack](http://pandalabs.pandasecurity.com/mpack-uncovered/) is a very active and up-to-date attack framework which exploits these vulnerabilities. For criminal hackers, it is very attractive to exploit an SQL-Injection vulnerability in a web application framework and insert malicious code in every textual table column. In April 2008 more than 510,000 sites were hacked like this, among them the British government, United Nations, and many more high profile targets.
#### HTML/JavaScript Injection