What:

Cross-site scripting (XSS) is a type of attack in which malicious scripts are injected into a trusted website. It typically occurs due to lack of input sanitization and further rendering of this unsafe input, in a web application.

As per the Wikipedia definition:
HTTPS or HTTP Secure is an extension of the Hypertext Transfer Protocol (HTTP) for secure communication over a computer network.

It is what manifests itself as the green padlock icon that can be seen in the ‘Address Bar’ of…

Cross-Site Request Forgery also known as CSRF / XSRF is an HTTP level vulnerability.

In a CSRF attack, an attacker tricks the user into visiting a different web-page (eg — evil.com) with malicious code that secretly sends a request…