Konubinix' opinionated web of thoughts

Cross-Site Scripting


XSS stands for Cross Site Scripting


Cross site scripting is the method where the attacker injects malicious script into trusted website.


Stored XSS - Vulnerability coming from unprotected and not sanitized user inputs those are directly stored in database and displayed to other users


Reflected XSS - Vulnerability coming from unprotected and not sanitized values from URLs those are directly used in web pages


DOM based XSS - Similar as reflected XSS, unprotected and not sanitized values from URLs used directly in web pages, with difference that DOM based XSS doesn’t even go to server side


Cross-site scripting (XSS) is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. Cross-site scripting carried out on websites accounted for roughly 84% of all security vulnerabilities documented by Symantec up until 2007.[1] XSS effects vary in range from petty nuisance to significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site’s owner network


d’injecter du contenu dans une page, provoquant ainsi des actions sur les navigateurs web visitant la page


DOM-based cross-site scripting

DOM-based cross-site scripting happens when data from a user controlled source (like user name, or redirect URL taken from the URL fragment) reaches a sink, which is a function like eval() or a property setter like .innerHTML, that can execute arbitrary JavaScript code.


Notes pointant ici