Web 2.0 deployments hit by JavaScript flaw

Fortify software has uncovered a flaw affecting the Javascript programming language

Firms hoping that Web 2.0 technologies may be more secure than current web applications, were dealt a blow today as security firm Fortify Software announced that it had found an industry-wide critical flaw in the JavaScript programming language.

Termed ‘JavaScript Hijacking’, the flaw allows unauthorised attackers to read sensitive data contained in JavaScript messages. Fortify has released a security advisory detailing the flaw - which uses a