Cross-Site Scripting (XSS)
What is Cross-Site Scripting (XSS)?
An attacker injects script of their own into pages served by a trusted website, so that it runs in victims' browsers with that site's origin and therefore with access to its cookies, DOM and session. The injected code is almost always JavaScript; VBScript was only ever executed by older versions of Internet Explorer.
Types of Cross-Site Scripting
Reflected
The script is never stored by the site; it travels in the request (a URL parameter, form field or header) and is echoed back in the response.
The victim is presented with a crafted link, for example in an email or a chat message. When the unsuspecting user clicks the link, the site reflects the payload into its page and the user's browser executes it in the site's origin.
Persistent
The script is stored by the website itself, in its database, XML files, log files, user profiles, forums, posts or message boards, and is served to every user who later views that content. This happens less frequently than reflected XSS, but the consequences are far more severe: no victim has to be tricked into clicking anything.
DOM-Based
The attack happens in the DOM rather than in the HTML the server sends: client-side JavaScript reads attacker-controlled data (typically from location.hash, location.search or document.referrer) and writes it to a dangerous sink such as innerHTML, document.write or eval. The HTML source of a benign response and of an attacked one is exactly the same, so the payload can only be found at runtime, by inspecting the DOM or the client-side code that builds it.
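The DOM-based case above, as an added example that is not from the original page: the vulnerable client-side code beside its fix. The page layout (an element with id `greeting`), the example hostname and the function names are this example's own assumptions.

```javascript
// Added example, not from the original page: a DOM-based XSS sink beside its fix.
// Assumed page: <p id="greeting"></p> plus a script that greets the visitor by
// the name carried in the URL fragment, e.g. https://example.test/welcome#Alice
// (hostname and element id are assumptions for this example).
// The fragment never reaches the server, so the HTML the server sends is
// identical for a benign and a malicious URL; the bug lives in client-side code.

// Vulnerable: the fragment is decoded and written to innerHTML, an HTML-parsing
// sink, so any tag in it is parsed and any event handler in it executes.
function renderGreetingUnsafe(hash, el) {
  const name = decodeURIComponent(hash.replace(/^#/, ""));
  el.innerHTML = "Hello, " + name;
  return el.innerHTML;
}

// Fixed: the name is validated against an allow-list, and what is written goes
// through textContent, which stores characters and never parses markup.
const NAME_RE = /^[\p{L}\p{M} .'-]{1,40}$/u;

function renderGreetingSafe(hash, el) {
  let name;
  try {
    name = decodeURIComponent(hash.replace(/^#/, ""));
  } catch (e) {
    name = ""; // malformed percent-encoding throws URIError
  }
  if (!NAME_RE.test(name)) name = "visitor"; // reject anything but a plain name
  el.textContent = "Hello, " + name;
  return el.textContent;
}

// Constructed attacker fragment: a broken image whose error handler runs script.
const PAYLOAD_HASH = "#%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E";

// Stand-in for an HTMLElement so the functions can run outside a browser;
// in the real page pass document.getElementById("greeting") instead.
function fakeElement() {
  return { innerHTML: "", textContent: "" };
}

// In a browser, render on load; under Node there is no document, so skip.
if (typeof document !== "undefined" && typeof location !== "undefined") {
  renderGreetingSafe(location.hash, document.getElementById("greeting"));
}
```

The unsafe and safe functions receive the same string; the difference is the sink. With the payload fragment, `innerHTML` parses the `<img>` tag and fires its `onerror` handler, while `textContent` would display the same characters as literal text. The allow-list on top of the safe sink is defence in depth: the greeting only ever needs a name.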
Preventing Cross-Site Scripting Attacks
- Validate all input on the server side. Client-side validation can be bypassed, since an attacker can edit the request in an intercepting proxy or send it directly, so treat it as a usability feature only
- Store and process the raw data safely, using APIs that prevent injection, rather than trying to strip dangerous characters on the way in
- Escape and encode output for the context it lands in (HTML body, attribute value, JavaScript string, URL), so that user input is always treated as data and never interpreted as code
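The output-encoding point applied to a reflected search page, as an added example that is not from the original page. The page, the function names and the sample payloads are this example's own; the payloads are constructed for the demonstration.

```javascript
// Added example, not from the original page: output encoding chosen per context,
// beside the naive string concatenation it replaces. The search page and the
// function names are this example's own assumptions.

// HTML element content and quoted attribute values: encode the five
// characters that can change meaning there.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;",
  })[c]);
}

// Inline JavaScript string literal: hex-escape everything outside [A-Za-z0-9],
// so neither a quote, a backslash nor "</script>" survives intact.
function encodeForJsString(s) {
  return String(s).replace(/[^A-Za-z0-9]/g, (c) => {
    const code = c.charCodeAt(0);
    return code < 0x100 ? "\\x" + code.toString(16).padStart(2, "0")
                        : "\\u" + code.toString(16).padStart(4, "0");
  });
}

// Vulnerable (reflected XSS): the query is concatenated raw into three contexts.
function renderSearchResultsUnsafe(q) {
  return [
    `<h1>Results for ${q}</h1>`,                 // element content
    `<input name="q" value="${q}">`,             // quoted attribute
    `<script>var lastQuery = '${q}';</script>`,  // JS string literal
  ].join("\n");
}

// Hardened: each interpolation uses the encoder for its own context.
function renderSearchResultsSafe(q) {
  return [
    `<h1>Results for ${escapeHtml(q)}</h1>`,
    `<input name="q" value="${escapeHtml(q)}">`,
    `<script>var lastQuery = '${encodeForJsString(q)}';</script>`,
  ].join("\n");
}

// Wrong-context caveat: HTML-escaping is not enough for an UNQUOTED attribute,
// because a space already ends the value and starts a new attribute.
function renderUnquotedAttr(q) {
  return `<input name=q value=${escapeHtml(q)}>`;
}

// Constructed payloads, one per context.
const PAYLOADS = {
  content:   "<script>alert(document.cookie)</script>",
  attribute: '" autofocus onfocus="alert(1)',
  jsString:  "';alert(1);//",
  unquoted:  "x onmouseover=alert(1)",
};
```

The same encoder is correct for element content and for a quoted attribute, but a JavaScript string literal needs its own encoding, and an unquoted attribute cannot be made safe by encoding at all: `renderUnquotedAttr(PAYLOADS.unquoted)` emits a live `onmouseover` handler even though every character went through `escapeHtml`. Always quote attributes, and in a real application prefer a template engine with contextual auto-escaping over hand-written encoders, with a Content Security Policy as a second layer.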
References
Cheat Sheet
https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet
Great Examples
http://www.thegeekstuff.com/2012/02/xss-attack-examples/?utm_source=tuicool