You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
xiaofeng wang
About this tag
This tag covers content related to Xiaofeng Wang, a researcher whose work on web security is discussed in a forum thread. The thread examines vulnerabilities in Cashier-as-a-Service (CaaS) systems, where third-party payment services like PayPal and Amazon Payments are integrated into merchant websites. The research highlights security flaws in popular e-commerce platforms and payment providers, demonstrating how attackers could exploit state coordination issues to shop for free. The discussion is technical and security-focused, relevant to developers and IT professionals concerned with web application security.
Web applications increasingly integrate third-party services. The integration introduces new security challenges due to the complexity for an application to coordinate its internal states with those of the component services and the web client across the Internet. In this paper, we study the...