Browse by Tags

All Tags » vulnerabilities
  • "Security Vulnerability" != "Defect" ; why?

    It's one of those obvious things.  A defect is a defect, right?  Whether the airbag is faulty, or the gas cap doesn't hold pressure... a defect is a defect.  The strange thing is - it hasn't been that way, and still isn't that way, in most of the IT shops I've been in.  Why? The reason is simple.  ...
    Posted to Rafal Los (Weblog) by Rafal Los on April 1, 2008
  • Cross-Site Request Forgery and Vulnerability ID 10044

    Hello all - I have been researching XSRF lately and am curious about the WebInspect test for this vulnerability.  Specifically, Vulnerability ID 10044 states in the Execution section: "If the session is vulnerable to a Cross-Site Request Forgery attack, the same HTML sent in the request will also appear as part of the response. View ...
    Posted to WebInspect (Forum) by DaveTheWebster on September 11, 2007