theglitchy.com
t
HomePosts
Programming (Програмування)Computers and technologies (Комп'ютери та технології)Terms (Терміни)Internet (Інтернет)Video games (Відеоігри)Electronics (Електроніка)Slang (Сленг)Business (Бізнес)Ukraine (Україна)
УкраїнськаEnglishPolskiDeutsch
← homeProgramming (Програмування)

What is Cross-Site Scripting (XSS)?

Cross-Site Scripting (XSS) is a type of attack on web application security, where an attacker injects JavaScript code into a web page or web application, which is then executed in the user's browser. An XSS attack occ...

·1 min. read
Share
Table of contentsClick link to navigate to the desired location
Stored XSSReflected XSS  DOM-based XSS
This content has been automatically translated from Ukrainian.
View Original
Cross-Site Scripting (XSS) is a type of attack on web application security, where an attacker injects JavaScript code into a web page or web application, which is then executed in the user's browser. An XSS attack occurs when a web application does not properly handle input data and allows it to be executed in the context of the user viewing the page. There are three main types of XSS.

Stored XSS

The malicious code is stored on the server and displayed to users who view a specific page.

Reflected XSS 

The malicious code is added to the URL and sent to the server, which outputs it in response. Users are affected when they click on such links.

DOM-based XSS

An attack where the malicious code is executed in the browser itself, usually by modifying the DOM structure of the page using JavaScript.
Programming (Програмування)
theglitchy.com
theglitchy.com

Notes on Ruby on Rails development. Solutions, bugs, and daily insights from the workflow.

🔥 More posts

All posts
What is DOM?
Programming (Програмування)Dec 24, '23 12:22

What is DOM?

DOM (Document Object Model) is a programming interface for representing and interacting with the ...

Programming (Програмування)Mar 22, '24 11:24

What is CI/CD in software development?

CI/CD (Continuous Integration/Continuous Delivery or Continuous Deployment) is a practice in soft...

Programming (Програмування)Dec 9, '23 12:15

What is best practice in programming?

Best practice in programming refers to recommendations and methods that are considered optimal or...

Programming (Програмування)Dec 24, '23 12:08

What is SQL Injection?

SQL Injection (SQLI) is a type of attack on web applications, during which an attacker inserts SQ...

Programming (Програмування)Dec 24, '23 12:08

What is penetration testing?

Penetration Testing (penetration testing), also known as security testing, ethical hacking, or pe...

Programming (Програмування)Dec 27, '23 15:08

What is an ERP system?

ERP (Enterprise Resource Planning) is an integrated software system that allows businesses to aut...

Programming (Програмування)Dec 23, '23 11:40

What is a session? (Web)

In the context of the web, the term session is usually used to describe the connection between a ...

Programming (Програмування)Dec 23, '23 11:29

What are cookies?

Cookies are data that websites store on a user's computer, phone, or other device (in the browser...