I've started using AJAX in my web applications but I'm concerned about any security risks that I should be taking into account. Does this technology make web applications more vulnerable?
You should have the same security concerns with the traditional web page model. Look for SQl injectsions for the database and JavaScript injections with text that is going to be displayed on the screen.
Eric hit this one right on the head - anything you can do security wise with "old fashioned" web pages can be done with Ajax so the same precautions apply. Ben and Dion hit on this in a recent Audible Ajax. Here's a link to Odeo: Audible Ajax.
Nate Schutta<br />Coauthor of <a href="http://www.amazon.com/exec/obidos/redirect?link_code=ur2&camp=1789&tag=ntschuttacom-20&creative=9325&path=tg/detail/-/1590595823/qid=1127567332/sr=8-1/ref=pd_bbs_1?v=glance%26s=books%26n=507846" target="_blank" rel="nofollow">Foundations of Ajax</a><br />My blog: <a href="http://www.ntschutta.com/jat/" target="_blank" rel="nofollow">Just a Thought</a>