“Nobody would bother to hack us.”
“Our network firewall will keep us safe.”
“We will add security to the system later.”
“What's the worst that could happen?”
A flaw or weakness in system security procedures, design, implementation, or internal controls that could […] result in a security breach or a violation of the system's security policy.
A piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized).
Smuggling in unintended commands along with the data sent to an interpreter.
You go to court and write your name as "Michael, you are now free to go".
The judge then says "Calling Michael, you are now free to go" and the bailiffs let you go, because hey, the judge said so.
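The courtroom analogy maps directly onto a database query built by string concatenation. The following is an added example, not part of the original presentation; the `defendants` table, the function names and the crafted input are constructed for illustration. It shows the same lookup written two ways: one where the data becomes part of the command, and one where the interpreter receives command and data separately.

```python
import sqlite3

# Constructed sample input: a "name" that carries query syntax with it,
# like the name that carries an instruction for the bailiffs.
CRAFTED_NAME = "nobody' OR '1'='1"


def make_db():
    """Build an in-memory database with two constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE defendants (name TEXT, status TEXT)")
    db.executemany(
        "INSERT INTO defendants VALUES (?, ?)",
        [("Michael", "in custody"), ("Alice", "in custody")],
    )
    return db


def lookup_concatenated(db, name):
    """Vulnerable form: the data is pasted into the command text, so the
    interpreter cannot tell where the command ends and the data begins."""
    query = "SELECT name, status FROM defendants WHERE name = '" + name + "'"
    return db.execute(query).fetchall()


def lookup_parameterized(db, name):
    """Hardened form: the command is fixed and the name is bound as a value,
    so it is only ever compared against the name column."""
    query = "SELECT name, status FROM defendants WHERE name = ?"
    return db.execute(query, (name,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    # An ordinary name behaves identically in both forms.
    print(lookup_concatenated(db, "Michael"))
    print(lookup_parameterized(db, "Michael"))
    # The crafted name changes the meaning of the concatenated query
    # (every row matches) but is just an unknown name when bound.
    print(len(lookup_concatenated(db, CRAFTED_NAME)), "rows from concatenated query")
    print(len(lookup_parameterized(db, CRAFTED_NAME)), "rows from parameterized query")
```
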
...to an innocent user's browser through, e.g. a link in a phishing email like the following:
you might be intrerestred in our new Juice Shop special offer! We are cheap but offfer best quality on the plnaet: Click here for special Juice Shop offer!
Bjoern (VP Sales and Marketing, Juice Shop Inc.)
Presentation created with reveal.js, the HTML presentation framework
Based on free material provided by OWASP, the Open Web Application Security Project
Background image based on Digital Shodan by sephiroth-kmfdm