Cross-site Scripting

From Canonica AI

Overview

Cross-site Scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.

Types of Cross-site Scripting

Cross-site scripting attacks can be grouped into three broad categories: Stored XSS, Reflected XSS, and DOM-based XSS.

Stored XSS

Stored Cross-site Scripting (Stored XSS) is a type of attack where the malicious script is permanently stored on the target servers. The victim's browser retrieves the malicious script from the server when it requests the stored information.

Screenshot of a Stored XSS attack in action.

Reflected XSS

Reflected Cross-site Scripting (Reflected XSS) involves a malicious script being reflected off a web application and onto a user's browser. The script is embedded in a URL, which is typically delivered to the victim via an email or another website.

DOM-based XSS

DOM-based Cross-site Scripting (DOM XSS) is a type of attack wherein the attack payload is executed as a result of modifying the Document Object Model (DOM) environment in the victim's browser.

Mechanism of Cross-site Scripting

Cross-site scripting involves the insertion of malicious code into trusted websites or web applications. The attacker uses the web application as a conduit to send a malicious script to another end user.

Prevention of Cross-site Scripting

Preventing XSS requires separation of untrusted data from active browser content. This can be achieved through a variety of methods, including proper input validation, appropriate output encoding, and use of appropriate response headers.
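The following JavaScript is an added example, not part of the original article. It contrasts a rendering function that concatenates untrusted data into markup with one that validates and encodes it, and lists response headers that act as a second layer. The function names, the sample comment and the chosen header values are illustrative assumptions.

```javascript
// Characters that can change the parsing context in HTML text or quoted attributes.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };

// Output encoding: neutralise untrusted data for element bodies and quoted attributes.
function encodeHtml(untrusted) {
  return String(untrusted).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Input validation: accept only absolute http(s) URLs; anything else is rejected.
function safeLink(untrusted) {
  try {
    const url = new URL(String(untrusted));
    return url.protocol === "http:" || url.protocol === "https:" ? url.href : null;
  } catch {
    return null; // not parseable as an absolute URL
  }
}

// Vulnerable: untrusted fields are concatenated straight into active markup.
function renderCommentUnsafe(c) {
  return `<p>${c.text}</p><a href="${c.site}">${c.author}</a>`;
}

// Hardened: validate the URL, then encode every value for its HTML context.
function renderCommentSafe(c) {
  const link = safeLink(c.site);
  const author = encodeHtml(c.author);
  const byline = link ? `<a href="${encodeHtml(link)}">${author}</a>` : author;
  return `<p>${encodeHtml(c.text)}</p>${byline}`;
}

// Response headers as defence in depth (values are an assumed baseline, not from the article).
function securityHeaders() {
  return {
    "Content-Type": "text/html; charset=utf-8",
    "Content-Security-Policy": "default-src 'self'; object-src 'none'; base-uri 'none'",
    "X-Content-Type-Options": "nosniff",
  };
}

// Constructed sample of a stored comment containing markup and a non-http link.
const sampleComment = { author: 'Eve "E"', site: "javascript:void(0)", text: "Hi <script>void 0</script> & bye" };
console.log(renderCommentUnsafe(sampleComment)); // markup survives intact
console.log(renderCommentSafe(sampleComment));   // markup is rendered as inert text
console.log(securityHeaders());
```

The encoder above covers HTML element bodies and quoted attribute values only; data placed inside script blocks, CSS or unquoted attributes needs encoding specific to that context.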

Impact of Cross-site Scripting

The impact of XSS can range from a petty nuisance to a significant security risk, depending on the nature of the data handled by the vulnerable site and the nature of the script the attacker is able to inject.
