cross-site scripting (xss)
Cross-site scripting (XSS) is a type of web vulnerability in which malicious code is injected into a website or web application. The injected code then runs in the browsers of unsuspecting users who visit the affected page, potentially leading to the theft of sensitive information or unauthorized actions on the website.
Related Concepts (62)
- <script type="javascript">alert(1)</script>
- <script>alert(1)</script>
- arbitrary code execution
- attack vectors
- authentication bypass
- browser exploit techniques
- browser security
- browser security model
- bug hunting
- clickjacking
- client-side attacks
- client-side code injection
- code injection
- code injection prevention
- code injection techniques
- code reuse attacks
- command injection
- content security policy (csp)
- cross-domain scripting
- cross-origin resource sharing (cors)
- cross-site request forgery (csrf)
- dom-based xss
- drive-by downloads
- escaping user input
- exploit writing techniques
- exploiting software vulnerabilities
- html encoding
- html injection
- injection attacks
- injection attacks on android
- input validation
- java code injection
- javascript injection
- javascript security
- local file inclusion (lfi)
- malicious input
- memory corruption
- mime sniffing attacks
- oauth or openid vulnerabilities
- php injection
- reflected xss
- remote code execution (rce)
- remote code inclusion (rci)
- remote file inclusion (rfi)
- ruby code injection
- same-origin policy
- secure coding practices
- server-side code injection
- server-side deserialization vulnerabilities
- server-side request forgery (ssrf)
- server-side template injection (ssti)
- session hijacking
- software vulnerability
- sql injection
- stored xss
- unvalidated redirects and forwards
- web application exploitation
- web application firewall (waf)
- web application security
- web browser vulnerabilities
- web vulnerabilities
- xml injection
Similar Concepts
- client-side scripting
- cross-site request forgery (csrf) attacks
- cross-site request forgery (csrf) authentication bypass
- cross-site request forgery (csrf) prevention
- cross-site request forgery (csrf) vulnerabilities
- cross-site script inclusion (xssi)
- cross-site scripting
- cross-site scripting (xss) attacks
- cross-site scripting (xss) authentication bypass
- cross-site scripting (xss) payload generation
- cross-site scripting (xss) prevention
- cross-site scripting (xss) via file upload
- cross-site scripting (xss) vulnerabilities
- csrf (cross-site request forgery)
- persistent xss