Skip to main content

Posts

Showing posts with the label Cross site scripting

Cross-Site Scripting (XSS) Vulnerability

Cross-site scripting   ( XSS ) is a type of   computer security   vulnerability   typically found in   Web applications . Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into  trusted web sites.   Cross-site Scripting ( XSS )  is generally believed to be one of the most common application layer hacking techniques. XSS is the hacking technique that leverages vulnerabilities in the code of a web application to allow an attacker to send malicious content from an end-user and collect some type of data from the victim. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite