A new vulnerability, termed JavaScript hijacking, was recently identified that specifically affects the rich, interactive interfaces typically associated with Ajax and Web 2.0 applications. The vulnerability, which can occur in any application that uses JavaScript as a data transport mechanism, can compromise the integrity of the vulnerable website, as well as expose users sensitive private information. JavaScript hijacking represents a new and critical attack vector that organizations developing Web 2.0 applications should take immediate steps to avoid. In other words, its hot.
