The scan result from this trial version of Acunetix, which has limited functionality, is presented in Figure 3. It shows more than 100 XSS injections and one BREACH attack, along with other medium- and low-severity threats. The “BREACH attack” threat in MySpace allows an attacker to exploit information leaked from compression to recover targeted portions of plaintext. The “Cross site scripting” threat in this case allows an attacker to inject malicious code that runs in another user's browser in order to steal the session cookie and take over the account. The medium-risk “HTML form without CSRF protection” finding could be a false positive. If it is genuine, however, it allows an attacker to make the user perform actions chosen by the attacker in order to compromise users' data. The “Clickjacking: X-Frame-Options header missing” vulnerability means that the server did not return an X-Frame-Options header, so this website could be at risk of a clickjacking attack. The “File Upload” risk means that users are allowed to upload files such as images, documents and others to the web application without the files being securely checked, which an attacker could use to upload a malicious file.
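The passive checks behind three of these findings can be reproduced on a single response, which also shows why the CSRF finding may be a false positive. The following Python sketch is an added example, not Acunetix's logic or code from the original study; the token-name list, the finding labels and the sample response are constructed assumptions.

```python
from html.parser import HTMLParser
# Assumed substrings for anti-CSRF field names; not the scanner's own list.
TOKEN_HINTS = ("csrf", "xsrf", "token", "authenticity")

class FormCollector(HTMLParser):
    """Record every <form> with its method, action and hidden input names."""
    def __init__(self):
        super().__init__()
        self.forms, self.current = [], None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self.current = {"action": a.get("action", ""),
                            "method": a.get("method", "get").lower(), "hidden": []}
            self.forms.append(self.current)
        elif tag == "input" and self.current and a.get("type", "").lower() == "hidden":
            self.current["hidden"].append(a.get("name", "").lower())

    def handle_endtag(self, tag):
        if tag == "form":
            self.current = None

def audit(headers, body):
    """Return passive findings for one response (header dict, HTML string)."""
    h = {k.lower(): v.lower() for k, v in headers.items()}
    findings = []
    # Framing is restricted by X-Frame-Options or by CSP frame-ancestors.
    if "x-frame-options" not in h and "frame-ancestors" not in h.get("content-security-policy", ""):
        findings.append("clickjacking: no X-Frame-Options or CSP frame-ancestors")
    # Compression is only a precondition for BREACH, not proof of exposure.
    if h.get("content-encoding", "identity") != "identity":
        findings.append("breach-precondition: response body is compressed")
    parser = FormCollector()
    parser.feed(body)
    for form in parser.forms:
        has_token = any(hint in name for name in form["hidden"] for hint in TOKEN_HINTS)
        # A candidate only: the token may travel in a header or a SameSite cookie may apply.
        if form["method"] == "post" and not has_token:
            findings.append("csrf-candidate: " + form["action"])
    return findings

# Constructed sample response, not captured from any real site.
SAMPLE_HEADERS = {"Content-Type": "text/html", "Content-Encoding": "gzip"}
SAMPLE_BODY = """
<form method="POST" action="/upload"><input type="file" name="f"></form>
<form method="post" action="/profile"><input type="hidden" name="csrf_token" value="x"></form>
"""
print("\n".join(audit(SAMPLE_HEADERS, SAMPLE_BODY)))
```

A form flagged as `csrf-candidate` still needs manual confirmation, since the page markup alone cannot show whether the server validates a token sent some other way.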