N/APosted on - 11/14/2014
What is Cross Site Scripting? When do these occur? How is a cross site scripting attack executed? What are the categories of Cross Site Scripting Attacks? What is a Dom based XSS? Are XSS attacks severe and can they cause an account to be compromised? How can you protect a site from XSS attacks?
Guard your website from a XSS attack.
XSS is called as Cross-site scripting. It is type of computer security. Which is found in the web applications. It enables client script into web page, Which is viewed by others user.
An attacker can Xss to send malicious script to an user. The user dont have any way to know that script should not be trusted. The user thniks that script came from trusted source. The script can access any session tokens, Cookies, Other harmful information. The scripts can rewrite in html page.
Types of Cross-Site Scripting
There are two types of Cross-Site Scripting.
1. Server xss
2. Client xss
Dom based XSS:-
Document object model (DOM) xss simply means a cross site scripting part of the HTML. In reflective and stored Cross-site scripting attacks you can see the vulnerability payload in the response page but in DOM based cross-site scripting. It can only used in runtime the DOM page.
XSS attacks severe:-
Cross-site scripting XSS severe attacks involve the users session cookie.
It allows to attacker to hack the user session and hacking the users account.
How can you protect a site from XSS attacks:-
1. PHP AntiXSS
2. Xss_clean.php filter
3. HTML Purifier
5. XSS HTML Filter