SQL injection and cross-site scripting are two significant vulnerabilities present in applications today. In a recent study by Verizon and others, it was found that cross-site scripting and SQL injections are prevalent in many Internet-facing applications.
- Discuss why developers are not able to remedy these flaws before production deployment of applications.
- Do they overlook these flaws for speed to market or do you believe there is a lack of training to avoid these flaws?