Cross Site Scripting

Cross-site scripting (XSS)

Cross Site Scripting is a kind of attack which happens when malicious code is injected into an application. It affects the users of the application. User accounts may also be compromised. Users can even be misleaded into surrendering their private data and thus exposing their session cookie. The attacker can now act as a valid user and take advantage of their private accounts

Cross Site Scripting can be classified into two namely Stored and Reflected XSS

Stored XSS

It can also be called as Persistent XSS . This is more devastating than the other one. It involves reflecting malicious scripts off a web application onto a user’s browser. A vulnerability is located in a web application and malicious script will be injected into the same. It mainly targets websites that allow users to share content which includes blogs , social networks, video sharing platforms etc.

Reflected XSS

A JavaScript gets activated after a link is clicked. Unlike stored XSS this does not happen on just visiting a compromised web page thus the reach of this attack is less and less endangering to the visitors. This attack is relatively simpler to execute