ابدأ بالتواصل مع الأشخاص وتبادل معارفك المهنية

أنشئ حسابًا أو سجّل الدخول للانضمام إلى مجتمعك المهني.

متابعة

What are Cross-Site Scripting (XSS) attacks ?

user-image
تم إضافة السؤال من قبل Adel Ezat Fawzy Ellozy , Webdeveloper. , Saudi Arabian Maritiem Sports Federation
تاريخ النشر: 2017/02/20
khalil malki
من قبل khalil malki , Senior Developer , Delta airlines

Hi,

 

I think OWASP has the best answers to this:

https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

 

Preventing this takes steps on front and back. Plus, it depends on the programing language you are using and the framework.

 

 

Ehab  Shaker
من قبل Ehab Shaker , Dot Net Developer , Info Strategic

XSS is a security breach that takes advantage of dynamically generated Web pages.

it enables attackers to inject client-side scripts into web pages viewed by other users

مستخدم محذوف‎
من قبل مستخدم محذوف‎

Thank you for the question, I learnt from previous answers

Adel Ezat Fawzy Ellozy
من قبل Adel Ezat Fawzy Ellozy , Webdeveloper. , Saudi Arabian Maritiem Sports Federation

The idea of xss is that a hacker can inject their own custom JavaScript into a webpage. It's used to trick users into running their custom JavaScript code. And they also used to steal cookies. And if they steal cookies they can steal the cookies data as well as potentially session data, which has been linked with a cookie.

Mohammed Akbar Shariff
من قبل Mohammed Akbar Shariff , Product Security Engineer , Phonepe India Pvt Ltd

XSS(cross site scripting) in simple words is running user written script in text input box of any website and watching the same script reflecting on the website, which is a huge vulnerability, without any admin privilege a Attacker will be able to manipulate or change website's UI with which one can be fooled for malicious content or attacker might steal cookies with session information etc, brief explanation on this can be obtained at OWASP or Acunetix website.

Ahmed Elbasuny
من قبل Ahmed Elbasuny , CRM Consultant and web developer , Nas Manpower

really its a big gap in web site design ...why its famous Gap

 because meny of  web sites like Apple ,Uponto its hacked by this gap

this depend on Client Side programming Languages 

see that to understand more

https://www.acunetix.com/websitesecurity/cross-site-scripting/

Adam Ahmed
من قبل Adam Ahmed , IT & Web Developer , Freelance

Basm allah alrahman alrahim

 

look at wikipedia XSS

 

 

المزيد من الأسئلة المماثلة