|
What is Cross-Site Scripting: (Acronym – XSS)?- Cross-site scripting is an occurrence when a web application gathers malicious data. A hyperlink is represented for the data which contains malicious contents in it. The malicious portion of the link is encoded by attacker to the site in HEX or other encoding form, which gives the user the impact of less suspicious, when clicked on. Once the data is obtained by the application, the output is created by the malicious code and sent to it, in a manner that it appears as a valid content from the web site.
- Cross-Site Scripting allows malicious code to be inserted into the web page. The web page can be a simple HTML code or a client side script. When the malicious code is inserted in page and clicked by some user, the malicious code becomes a part of the web request of the user. This request can also execute on the users computer and steal information.
|
