"On the “server-side”, XML based Web services are replacing some of the
key functionalities and providing distributed application access
through Web services interfaces. These remote capabilities to invoke
methods over GET, POST or SOAP from the Web browser itself provide new
openings to applications. On other side, RIA frameworks running on XML,
XUL, Flash, Applets and JavaScripts are adding new possible sets of
vectors. RIA, AJAX and Web services are adding new dimensions to Web application security.
Here is the list of 10 attack vectors along with a brief overview of each:"
Article Link: http://www.net-security.org/article.php?id=949
