XSS or Cross Site scripting
It's a w eb security issue that sees cyber criminals execute malicious scripts on legitimate or trusted websites. In an XSS attack, an attacker uses web-pages or web applications to send malicious code and compromise users' interactions with a vulnerable application. The malicious content sent to the web browser often takes the form of a segment of JavaScript, but may also include HTML, Flash, or any other type of code that the browser may execute. The variety of attacks based on XSS is almost limitless, but they commonly include transmitting private data, like cookies or other session information, to the attacker, redirecting the victim to web content controlled by the attacker, or performing other malicious operations on the user’s machine under the guise of the vulnerable site. Reflected and Stored XSS Attacks XSS attacks can generally be categorized into two categories: reflected and stored. There is a third, much less well-known type of XSS attack called DOM Based XSS . R...