From the course: JavaScript: Security Essentials
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
What is server-side JavaScript injection (SSJI)? - JavaScript Tutorial
From the course: JavaScript: Security Essentials
What is server-side JavaScript injection (SSJI)?
- [Instructor] Server-Side Injections are malicious code injected into a vulnerable server and can be done through forms on the client side where the form or function makes a request to the server to make the server run in loops, or in the case of SQL or NoSQL injections can be used to get user data. If you've ever used eval, setTimeout, setInterval, or function in your code, it can be exploited for a DDoS attack or a denial service attack where the hacker simply has to input a simple line to render your server useless or send any kind of malicious code into your server. Equally important and dangerous is the use of SQL or NoSQL commands to inject code into the query that can run these commands into the database such as being able to pull data from the database or any other command available. And what's worse? Injecting code into servers is easy and therefore should be at the forefront of your concerns when working on securing your servers and databases. So let's explore how code…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.