
Cross Site Scripting attacks take place when a specific untrusted

   

Added on  2023-05-27

4 Pages | 770 Words | 349 Views
Running head: CROSS SITE SCRIPTING
CROSS SITE SCRIPTING
Cross site scripting (XSS)
Cross site scripting can be defined as an injection attack in which an attacker injects
data, such as a malicious script, into content that belongs to a trusted website. Cross site
scripting attacks take place when an untrusted source is given the opportunity to inject its
own code into a web application. This malicious code includes dynamic content that is
delivered to the browser of a victim (Hydara, Sultan and Zulzalil 2015). Websites that have
been victims of XSS vulnerabilities include Facebook, Twitter, eBay, MySpace, Yahoo and
some more.
Preventing XSS issues in website
XSS vulnerabilities can be prevented in several ways, which are as follows:
Validation: web application developers must analyze how the code interprets input.
User inputs must be filtered to remove malicious chains of commands. Both persistent
and reflective cross-site scripting vulnerabilities are handled with the help of
validation.
Encoding: besides validation, escaping and filtering are among the best practices
for avoiding XSS vulnerabilities. Inputs, including their special characters, must be
encoded in the respective URL or HTML encoding (Yusof and Pathan 2016). Encoding
can be handled on either the outbound or the inbound side. Encoding also has its
share of limitations.
Testing: an XSS prevention model is not complete without testing its input fields at
regular intervals. Manual expert intervention is now necessary to test the logic of
web applications, which is not possible for a machine.
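The validation and encoding steps above, as an added example that is not part of the original essay: it applies HTML and URL encoding in their respective contexts and shows one limitation of encoding, where a javascript: link passes through HTML encoding unchanged and has to be stopped by validation. The function names, the username rule and the sample inputs are assumptions made for this illustration.

```python
import html
import re
from urllib.parse import quote, urlsplit

# Validation: allow-list for a username field (rule assumed for this example).
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{3,20}")
# Constructed sample inputs.
PAYLOAD = "<script>alert(1)</script>"
JS_URL = "javascript:alert(1)"

def valid_username(value):
    """Accept only values that fully match the allow-list pattern."""
    return USERNAME_RE.fullmatch(value) is not None

def safe_link_target(url):
    """Validation for a URL placed in href: only absolute http(s) links pass."""
    return urlsplit(url.strip()).scheme.lower() in ("http", "https")

def render_unsafe(comment):
    """Vulnerable 'before': untrusted text concatenated straight into HTML."""
    return "<p>" + comment + "</p>"

def render_comment(comment):
    """HTML body context: & < > and both quote characters become entities."""
    return "<p>" + html.escape(comment, quote=True) + "</p>"

def render_search_link(term):
    """URL query context: percent-encode the value, then HTML-encode the attribute."""
    href = "/search?q=" + quote(term, safe="")
    return '<a href="' + html.escape(href, quote=True) + '">results</a>'

def render_profile_link(url):
    """Encoding alone leaves javascript: intact, so validate the scheme first."""
    if not safe_link_target(url):
        return "<span>link removed</span>"
    return '<a href="' + html.escape(url, quote=True) + '">profile</a>'

if __name__ == "__main__":
    for out in (render_unsafe(PAYLOAD), render_comment(PAYLOAD),
                render_search_link(PAYLOAD), render_profile_link(JS_URL)):
        print(out)
```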
Exploitation of XSS
XSS can be exploited for various reasons, these reasons include
