XSS ( CROSS SITE SCRIPTING)

CROSS SITE SCRIPTING (XSS)

         Cross site scripting is a type of security vulnerability that can found in some web application.  XSS attacks enable attackers to inject client-side scripts into web page viewed by other users.  A cross-site scripting vulnerability may be used by attackers to bypass access control such as the same-origin policy.


How XSS is executed?

          XSS  occurs when an attacker tricks a web application into sending data in a form that a user's browser can execute.  Most commonly,  this is a combination of HTML and XSS provided by the attacker,  but XSS can also be used to deliver malicious downloads, plugins, or media content.

Comments

Post a Comment

Popular posts from this blog

CYBER SECURITY

Image
WHAT IS CYBER SECURITY? Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. TYPES OF CYBER SECURITY? 1. Critical infrastructure security. 2. Application security. 3. Network security. 4. Cloud security. 5. Internet of Things (IoT) security.
Read more

IP(Internet Protocol)

Image
What does IP do? IP is responsible for routing of the packets or the datagrams, it transports datagrams or the packets from a source to a destination. This is called routing.  So, it will decide which node to forward it the packet next, that next node will again decide where to forward that packet next, this way the packet will finally reach the destination. So, the network layer or the IP layer in each of these nodes will be responsible for this routing or packet forwarding. This IP has an additional responsibility   , if it finds that a packet is large, too large, it may break a packet into smaller packets, this is called fragmentation .  The point to note is that IP uses datagrams and when you talked about datagrams, datagram is an unreliable service; unreliable in the sense that some datagrams might get lost, some duplicates might get generated, datagrams maybe received out of order at the destination. So, such scenarios may happen. So, means if you are ...
Read more

TYPES OF XSS?

 THERE ARE THREE MAIN TYPES OF XSS ATTACKS:- 1. Reflected XSS :-             Where the Malicious script comes from the current HTTP request. 2. Stored XSS :-             Where the Malicious script comes from the website's database. 3. DOM-based XSS :-             Where the vulnerability exists in client-side code rather than server-side code.
Read more