Published in

Reflected Cross Site Scripting

Cross Site Scripting (XSS) attacks are a type of injection attack, where scripts are injected into a tusted website application. There are sub categories of XSS attack, which work very differently. Generally, an XSS attack is performed using a browser side script, with the intent to run on a different users session.

The intent of an XSS attack is to steal cookies, session tokens, or other sensitive information and divert this information to somewhere not intended. More information can be found on the OWASP website:




Tech Articles, Focusing on Software Development, DevOps, Cloud and UX

Recommended from Medium

Proctoring Software and Abusability Testing

Digital Labyrinth

An Interview with Ritesh Agrawal, CEO of Airgap Networks

PHP Website Hacked? These PHP Vulnerabilities Can Be the Cause

PHP Website hacked Expression Engine CMS Help

Chameleon Apps making Joke of App Store vetting process

Cloud Storage vs Tape Storage: Understanding the Pros & Cons

{UPDATE} Subway kid surf Hack Free Resources Generator

NKN Monthly Report: November 2021

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Craig Godden-Payne

Craig Godden-Payne

Technologist who enjoys writing and working with software and infra. I write up all the things I learn as I go along to share the knowledge!

More from Medium

Lab: Reflected XSS in a JavaScript URL with some characters blocked

Write-up: Cross-site WebSocket hijacking @ PortSwigger Academy

HTTP Header Injection

PortSwigger Web Security Academy Server-side topics — SQL Injection