Wednesday, March 13, 2013

Cross-Site Scripting

Cross-site scripting (XSS) is a vulnerability that allows a hacker to inject code into areas of a website that the hacker cannot control. The injected code executes every time the page is viewed. Because of this, the hacker may be able to obtain the user's personal information related to that site.

Two types of XSS attacks are reflected XSS and stored XSS. A reflected XSS attack occurs when the malicious script is in the request itself and the server inserts the script into the response. It affects the user whenever he or she browses to the malicious URL. A stored XSS attack occurs when the hacker stores the attack in the application itself. It is triggered when the user browses to a page on the server where the attack is stored.
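
The two paths described above, side by side with an output-encoded version of each. This is an added example, not code from the original post; the function names, the in-memory comment store and the sample input are all assumptions constructed for illustration.

```javascript
// Added example: reflected vs. stored XSS in server-rendered HTML.
// All names and sample inputs are constructed for illustration.

// Encode the HTML-significant characters so user data renders as text.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[ch]));
}

// Reflected: the value arrives in the request and goes straight into the response.
function renderSearchVulnerable(query) {
  return `<p>Results for: ${query}</p>`;
}
function renderSearchSafe(query) {
  return `<p>Results for: ${escapeHtml(query)}</p>`;
}

// Stored: the value was saved earlier and is rendered for every later visitor.
const commentStore = [];
function saveComment(text) { commentStore.push(text); }
function renderCommentsVulnerable() {
  return commentStore.map((c) => `<li>${c}</li>`).join('');
}
function renderCommentsSafe() {
  return commentStore.map((c) => `<li>${escapeHtml(c)}</li>`).join('');
}

// Constructed sample input: a harmless marker script.
const SAMPLE = '<script>alert(1)</script>';

function demo() {
  commentStore.length = 0; // start from an empty store on every run
  saveComment('Nice post!');
  saveComment(SAMPLE);
  return {
    reflectedVulnerable: renderSearchVulnerable(SAMPLE),
    reflectedSafe: renderSearchSafe(SAMPLE),
    storedVulnerable: renderCommentsVulnerable(),
    storedSafe: renderCommentsSafe(),
  };
}

console.log(demo());
```

The encoding shown is correct for data placed in HTML element content. Data placed in attributes, URLs or inline script needs the encoding for that context.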

For more information, please follow the link to the OWASP page regarding this topic.

1 comment:

  1. Good article. I want to know in detailed form about it. I discussed the same with my circle. But I don't have much more information. Please share some more information. Thanks.
    eSignature
