Solved

what is cross site scripting

Posted on 2012-03-23
2
502 Views
Last Modified: 2013-11-19
Could you explain me with simple words what exactly is cross site scripting.
I read the definition in wikipedia, but I was not able to understand it.
0
Comment
Question by:dedri
2 Comments
 
LVL 17

Assisted Solution

by:bigeven2002
bigeven2002 earned 250 total points
ID: 37758234
Cross Site Scripting (XSS) is the process of injecting content from another site or script into an existing site by adding it to the URL in the address bar.

examples:


www.example.com/file.html?var=http://www.badsite.com/badpage.html
www.example.com/file.html?var=<script>document.write("Hello World!");</script>

Open in new window


This site breaks it down further:

http://infosecisland.com/blogview/11402-Cross-Site-Scripting-XSS-Some-Examples.html
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 250 total points
ID: 37780420
a bit theoretically:
  XSS is an attack which compromises the trust of a user (browser) in the data supplied by the server

more practical:
  XSS vulnerabilities allow an attacker to craft requests (links, URLs) which return content from a web page which is not intendend by the web page and the user cannot identify the difference

note that XSS is used seemingly for threat and/or vulnerability and/or attack descriptions
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Adwords and keywords 2 53
how to see all occupied ports on windows 10 laptop 15 75
Help with query 3 31
URGENT - Wordpress site missing  theme 9 52
Get to know the ins and outs of building a web-based ERP system for your enterprise. Development timeline, technology, and costs outlined.
There’s a good reason for why it’s called a homepage – it closely resembles that of a physical house and the only real difference is that it’s online. Your website’s homepage is where people come to visit you. It’s the family room of your website wh…
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
This tutorial walks through the best practices in adding a local business to Google Maps including how to properly search for duplicates, marker placement, and inputing business details. Login to your Google Account, then search for "Google Mapmaker…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question