What is Cross-Site Scripting (XSS)?

What is Cross-Site Scripting (XSS)? Main types of XSS attacks.

Dec 24, '23 12:23·1 min. read

Table of contentsClick link to navigate to the desired location

This content has been automatically translated from Ukrainian.

Cross-Site Scripting (XSS) is a type of attack on web application security, where an attacker injects JavaScript code into a web page or web application, which is then executed in the user's browser. An XSS attack occurs when a web application does not properly handle input data and allows it to be executed in the context of the user viewing the page. There are three main types of XSS.

Stored XSS

The malicious code is stored on the server and displayed to users who view a specific page.

Reflected XSS

The malicious code is added to the URL and sent to the server, which outputs it in response. Users are affected when they click on such links.

DOM-based XSS

An attack where the malicious code is executed in the browser itself, usually by modifying the DOM structure of the page using JavaScript.

Programming (Програмування)

theglitchy.com

Notes on Ruby on Rails development. Solutions, bugs, and daily insights from the workflow.

Stored XSS

Reflected XSS

DOM-based XSS

🔥 More posts

What is the difference between PUT and PATCH?

What are cookies?

What is a session? (Web)

What is penetration testing?

What is SQL Injection?

What is DOM?

What is an ERP system?

What is identification and authentication, and what is the difference?

What does SIM mean and how does a SIM card work?

What is e-SIM? Key features and advantages

What is Automatic Speech Recognition (ASR)?

What is NLP? What is Natural Language Processing used for?