What: Cross-site scripting (XSS) is a type of attack in which malicious scripts are injected into a trusted website. It typically occurs due to lack of input sanitization and further rendering of this unsafe input, in a web application. There are primarily two types: Stored / Persistent XSS: In this type…

As per the Wikipedia definition: HTTPS or HTTP Secure is an extension of the Hypertext Transfer Protocol (HTTP) for secure communication over a computer network. It is what manifests itself as the green padlock icon that can be seen in the ‘Address Bar’ of your browser, when visiting any website…

Cross-Site Request Forgery also known as CSRF / XSRF is an HTTP level vulnerability. In a CSRF attack, an attacker tricks the user into visiting a different web-page (eg — evil.com) with malicious code that secretly sends a request to the application’s web server (eg — abc-bank.com ). Here’s a…