Application Security

Cyberattack and cybersecurity terms related to application security

Zero-day attack

A zero-day attack (also referred to as Day Zero) is an attack that exploits a potentially serious hardware, firmware, or software security weakness that the vendor or developer may be unaware of.

XQuery Injection

XQuery Injection uses improperly validated data that is passed to XQuery commands. This in turn will execute commands on behalf of the attacker that the XQuery routines have access to.

XPath Injection

XPath Injection is an attack technique used to exploit applications that construct XPath (XML Path Language) queries from user-supplied input to query or navigate XML documents.

XML Injection

XML Injection is an attack technique used to manipulate or compromise the logic of an XML application or service.

XML External Entity

An XML External Entity (XXE) attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser.

XML bombs

An XML bomb is a small but dangerous message that is composed and sent with the intent of overwhelming the program that parses XML files.

WSDL leakage

The Web Service Definition Language (WSDL) file is a web services deployment descriptor that outlines the functionality provided by the web service ...

WebSocket Hijacking

WebSockets simplify the communication between browsers and servers by overcoming some of the traditional restrictions.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Radware Blog
Security Research Center