Solved

what is cross site scripting

Posted on 2012-03-23
2
533 Views
Last Modified: 2013-11-19
Could you explain me with simple words what exactly is cross site scripting.
I read the definition in wikipedia, but I was not able to understand it.
0
Comment
Question by:dedri
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 17

Assisted Solution

by:bigeven2002
bigeven2002 earned 250 total points
ID: 37758234
Cross Site Scripting (XSS) is the process of injecting content from another site or script into an existing site by adding it to the URL in the address bar.

examples:


www.example.com/file.html?var=http://www.badsite.com/badpage.html
www.example.com/file.html?var=<script>document.write("Hello World!");</script>

Open in new window


This site breaks it down further:

http://infosecisland.com/blogview/11402-Cross-Site-Scripting-XSS-Some-Examples.html
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 250 total points
ID: 37780420
a bit theoretically:
  XSS is an attack which compromises the trust of a user (browser) in the data supplied by the server

more practical:
  XSS vulnerabilities allow an attacker to craft requests (links, URLs) which return content from a web page which is not intendend by the web page and the user cannot identify the difference

note that XSS is used seemingly for threat and/or vulnerability and/or attack descriptions
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, the web development industry is booming, and many people consider it to be their vocation. The question you may be asking yourself is – how do I become a web developer?
Australian government abolished Visa 457 earlier this April and this article describes how this decision might affect Australian IT scene and IT experts.
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).
The is a quite short video tutorial. In this video, I'm going to show you how to create self-host WordPress blog with free hosting service.

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question