Why you can’t store passwords in clear text
The main reason is to minimize damage in case of a database leak. If an attacker gets only usernames and email addresses, this is

What is XSS
XSS is when an attacker tries to add their own JavaScript code through the forms on the site (feedback, checkout, etc.), which will then be executed in the browser

What is SQL Injection
SQL injection is the insertion of data into an SQL query in a way that changes the structure of that query. An attacker could exploit the vulnerability to execute arbitrary SQL.

Single point of entry
The principle of a single entry point is very simple. The web server is configured so that all HTTP requests, regardless of their URL, are processed by the