A research report released by WhiteHat Security claims 90% of all websites they have tested are vulnerable to either hijacking or infection. Specifically, the vulnerabilities are XSS) and HTTP Resource Splitting. WhiteHat Security's founder Jeremiah Grossman outlines the fundamentals of HTTP Resource Splitting as not only violating the HTTP response body but controlling the response header as well. Such attacks allow hackers to trick users into passing sensitive information (e.g., names, passwords, etc.) directly into their hands. Additionally, the vulnerable sites are often compromised via SQL Injection, whereupon hackers are able to illicitly query databases beyond the access a page is intended to provide.