Cross-site scripting (XSS) - What is it and how do you identify it?
Several of the vulnerabilities on my blog are called "Cross-site scripting" or "XSS", but what exactly is cross-site scripting?
A cross-site scripting attack is a type of HTML injection. The root cause is always the same: a web application accepts user input and writes it into its output without validating or encoding it. This flaw lets an attacker inject a malicious script, typically JavaScript, which then runs in the victim's browser in the origin of the vulnerable site. Because the browser treats the script as if it came from the trusted application, the script can read cookies, session tokens or other sensitive information the browser stores for that site.
There are several ways to identify XSS vulnerabilities:
- use a web security scanner, like xsser, arachni, Nikto ...
- test or review the code for every place where user input can end up in HTML output (contact forms, search forms, URL parameters ...)