Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Suivre

What are Cross-Site Scripting (XSS) attacks ?

user-image
Question ajoutée par Adel Ezat Fawzy Ellozy , Webdeveloper. , Saudi Arabian Maritiem Sports Federation
Date de publication: 2017/02/20
khalil malki
par khalil malki , Senior Developer , Delta airlines

Hi,

 

I think OWASP has the best answers to this:

https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

 

Preventing this takes steps on front and back. Plus, it depends on the programing language you are using and the framework.

 

 

Ehab  Shaker
par Ehab Shaker , Dot Net Developer , Info Strategic

XSS is a security breach that takes advantage of dynamically generated Web pages.

it enables attackers to inject client-side scripts into web pages viewed by other users

Utilisateur supprimé
par Utilisateur supprimé

Thank you for the question, I learnt from previous answers

Adel Ezat Fawzy Ellozy
par Adel Ezat Fawzy Ellozy , Webdeveloper. , Saudi Arabian Maritiem Sports Federation

The idea of xss is that a hacker can inject their own custom JavaScript into a webpage. It's used to trick users into running their custom JavaScript code. And they also used to steal cookies. And if they steal cookies they can steal the cookies data as well as potentially session data, which has been linked with a cookie.

Mohammed Akbar Shariff
par Mohammed Akbar Shariff , Product Security Engineer , Phonepe India Pvt Ltd

XSS(cross site scripting) in simple words is running user written script in text input box of any website and watching the same script reflecting on the website, which is a huge vulnerability, without any admin privilege a Attacker will be able to manipulate or change website's UI with which one can be fooled for malicious content or attacker might steal cookies with session information etc, brief explanation on this can be obtained at OWASP or Acunetix website.

Ahmed Elbasuny
par Ahmed Elbasuny , CRM Consultant and web developer , Nas Manpower

really its a big gap in web site design ...why its famous Gap

 because meny of  web sites like Apple ,Uponto its hacked by this gap

this depend on Client Side programming Languages 

see that to understand more

https://www.acunetix.com/websitesecurity/cross-site-scripting/

Adam Ahmed
par Adam Ahmed , IT & Web Developer , Freelance

Basm allah alrahman alrahim

 

look at wikipedia XSS

 

 

More Questions Like This