Computer Security: Cross-Site Scripting, Cross-site Request Forgery & SQL- Report Writing Assignment

Internal Code: MAS7301

Report Writing Assignment:

Task: Cross-site Scripting (XSS), Cross-site Request Forgery (CSRF) and Structured Query Language (SQL) Injections are common attacks, exploiting web application vulnerabilities. Your task is to select one attack type from either XSS, CSRF or SQL injection as the basis for your report and explain and graphically depict all components of the attack by addressing the following two requirements: 1. Develop a detailed walkthrough of how your chosen attack type would theoretically operate in the real-world. This section should clearly represent each stage of the attack with supportive discussions. 2. Select one CVE and proceed to identify and explain the intricacies of that real-world incident that eventuated based on your chosen attack type. By explaining your selected real-world incident, you should at a minimum answer the following questions: a. What was the outcome of your chosen incident?b. What was the impact of your chosen incident? c. Which aim(s) of security was breached and what were the resultant consequences? d. What specific action(s) did the vendor/company/organisation take to address the issue?