Abstract: A system for monitoring and mitigating client-side exploitation of application flaws includes a server to operate a first application. The first application communicates with a client device operating a second application to execute an application flaw script. The application flaw script causes the client device to produce a first request associated with vulnerability of the first application. An application flaw service module, communicatively coupled to the server, receives the first request from the client device comprising transactional metadata based on the application flaw script and inspects the transactional metadata for malicious content within the first request.

Abstract: A system for monitoring and mitigating client-side exploitation of application flaws includes a server to operate a first application. The first application communicates with a client device operating a second application to execute an application flaw script. The application flaw script causes the client device to produce a first request associated with vulnerability of the first application. An application flaw service module, communicatively coupled to the server, receives the first request from the client device comprising transactional metadata based on the application flaw script and inspects the transactional metadata for malicious content within the first request.

Abstract: A system for monitoring and mitigating client-side exploitation of application flaws, the system comprising a client device operating an application, a server communicatively coupled to the client device, and an application flaw service module communicatively coupled to the client device and server in which the application flaw service module receives a request from the client device comprising transactional metadata and inspecting the transactional metadata for malicious content within the request. A method of monitoring and mitigating client-side exploitation of application flaws by adding computer usable program code to the response to a first request from a client, receiving a second request from the client, determining that transactional metadata within the response contains an attack vector, and returning a response to the browser including attack vector countermeasures embedded in the response.