Solved

what is cross site scripting

Posted on 2012-03-23
2
478 Views
Last Modified: 2013-11-19
Could you explain me with simple words what exactly is cross site scripting.
I read the definition in wikipedia, but I was not able to understand it.
0
Comment
Question by:dedri
2 Comments
 
LVL 17

Assisted Solution

by:bigeven2002
bigeven2002 earned 250 total points
ID: 37758234
Cross Site Scripting (XSS) is the process of injecting content from another site or script into an existing site by adding it to the URL in the address bar.

examples:


www.example.com/file.html?var=http://www.badsite.com/badpage.html
www.example.com/file.html?var=<script>document.write("Hello World!");</script>

Open in new window


This site breaks it down further:

http://infosecisland.com/blogview/11402-Cross-Site-Scripting-XSS-Some-Examples.html
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 250 total points
ID: 37780420
a bit theoretically:
  XSS is an attack which compromises the trust of a user (browser) in the data supplied by the server

more practical:
  XSS vulnerabilities allow an attacker to craft requests (links, URLs) which return content from a web page which is not intendend by the web page and the user cannot identify the difference

note that XSS is used seemingly for threat and/or vulnerability and/or attack descriptions
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Get to know the ins and outs of building a web-based ERP system for your enterprise. Development timeline, technology, and costs outlined.
This tutorial walks through the best practices in adding a local business to Google Maps including how to properly search for duplicates, marker placement, and inputing business details. Login to your Google Account, then search for "Google Mapmaker…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now