What is Cross Site Scripting and Example?

what is cross site scripting - wholikeit.com

what is cross site scripting - wholikeit.com

Cross Site Scripting or XSS attack is a type of website attack that seems to hack your websites on the internet. This type of attack generally occurs, when any particular website fails to prevent any malicious code or hacker attacks from accessing the user information or credentials. They easily insert some malicious codes into the script of the website and the user data is hacked very efficiently. The XSS attackers can easily get track of user’s details and many account information. Whenever the user enters any data into the website, the XSS attackers can capture their entry and use these data to hack their personal accounts. A XSS attack can be very dangerous and can completely steal all your personal information stored on the website.

The XSS attacks are basically classified into three broad categories, depending on the type of attacks they make on the website. They are hence discussed below:–

1. Reflected: Reflected attacks are the most common type of XSS attacks. These attacks are generally delivered through any link. Whenever an additional website link pops up and the user clicks on that link, the reflected XSS attacks are reflected in the user’s account. These attacks are generally reflected through any search result on the internet. Sometimes you may often receive spam mails, which would ask you to click on a link provided. Try to avoid clicking on those links, as it may attack your account and get access to all your personal information on the internet.

2. Stored: Stored XSS attack is quite similar to the reflected XSS attack. But the stored XSS attack is far more dangerous than the reflected attack. In a stored XSS attack, whenever the user visits any webpage, their browser gets access to your code. Your code will be stored on their WebPages permanently and your account will be hacked easily. This type of XSS attack is generally found on the public guest posts, guest book pages, message boards etc.

3. DOM Based: In a DOM Based attack, the attack mainly occurs through web searching. The document object model is a modern concept of website application. It is an advanced website updating platform or tool that allows the scripts to update or modify the website content, style or designs dynamically. Thus in a DOM based XSS attack the hacker enters into the script and gets the access of user’s information and data. These types of attacks are extremely dangerous and can lead to lose all the website content.

Example of XSS attack:

You may receive a mail in your inbox and the hacker will send a link of URL through that mail. The URL can be as follows:

index.php?name=guest<script>alert(‘attacked’)</script>

When the user clicks on the above link or URL through the web browser, a pop up message will be displayed on the screen subsequently. The message ‘attacked’ will be displayed on the screen and you may be probably undergoing a XSS attack.

(Visited 41 times, 1 visits today)

1 Comment

Leave a Reply