Cross-site scripting bugs have been a major problem for Web site operators for years now, and while their causes and their solutions are both well-understood, they're still quite pervasive. But a new free service is aiming to help site owners avoid the serious compromises that can follow an attack on an XSS flaw.
On Monday, software security firm Veracode released a new free service
that is designed to enable Web site owners to scan their Java applets for XSS bugs. Site owners can upload their applets to Veracode's servers and the company will scan the application for existing XSS vulnerabilities.