
Using Components with Known Vulnerabilities

Many applications use third-party libraries, frameworks, or other components. If these components have known vulnerabilities and are not updated, attackers can exploit them to compromise the application.

<script src="https://example.com/old-library.js"></script>

In this example, the web application includes an outdated JavaScript library with known security vulnerabilities. An attacker can exploit these vulnerabilities to launch attacks against the application.

To mitigate this risk, keep all components, libraries, and frameworks up to date. Regularly check for security advisories and patches related to the components used in the application.
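One way to automate the check described above is to audit a page's script tags against an advisory list. This is an added example, not code from the original page: the advisory entry, the versioned URLs and the function names are constructed for illustration, and only the first script tag comes from the article.

```javascript
// Constructed advisory data: library name and first fixed version (hypothetical).
const ADVISORIES = [
  { name: "old-library", fixedIn: "2.4.0", id: "EXAMPLE-ADVISORY-0001" },
];
// Constructed sample page; the first tag is the one from the article.
const SAMPLE_HTML = `
<script src="https://example.com/old-library.js"></script>
<script src="https://example.com/old-library-1.9.2.min.js"></script>
<script src="https://example.com/libs/old-library@2.4.0/old-library.js"></script>
<script src="https://example.com/other-lib-3.0.1.js"></script>`;

// Compare dotted numeric versions; returns -1, 0 or 1.
function compareVersions(a, b) {
  const pa = a.split(".").map(Number), pb = b.split(".").map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// Extract { src, name, version } for every external script tag.
function parseScripts(html) {
  const out = [];
  const tagRe = /<script\b[^>]*\bsrc\s*=\s*["']([^"']+)["']/gi;
  for (const m of html.matchAll(tagRe)) {
    const src = m[1];
    const file = src.split(/[?#]/)[0].split("/").pop();
    const base = file.replace(/(\.min)?\.js$/i, "");
    // Version is either in the file name (name-1.2.3) or in the path (name@1.2.3).
    const inFile = base.match(/^(.+?)[-.@](\d+(?:\.\d+)+)$/);
    const inPath = src.match(/\/([^\/@]+)@(\d+(?:\.\d+)+)\//);
    const hit = inFile || inPath;
    out.push({ src, name: hit ? hit[1] : base, version: hit ? hit[2] : null });
  }
  return out;
}

// Flag scripts older than the fixed version, and those whose version is unknown.
function auditScripts(html, advisories = ADVISORIES) {
  const findings = [];
  for (const s of parseScripts(html)) {
    const adv = advisories.find((a) => a.name === s.name);
    if (!adv) continue;
    if (s.version === null) findings.push({ ...s, status: "unknown-version", advisory: adv.id });
    else if (compareVersions(s.version, adv.fixedIn) < 0) findings.push({ ...s, status: "vulnerable", advisory: adv.id });
  }
  return findings;
}
```

The unversioned URL from the article is reported as `unknown-version` rather than passed, because a component whose version cannot be determined cannot be checked against advisories.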


Last updated 2 years ago