Wednesday, December 30, 2020

XSS: Cross-site scripting

 

XSS stands for cross-site scripting. It is a common web security vulnerability. In this type of vulnerability, the attacker targets script that runs in a page on the client side rather than on the server side.


Basically, the attacker manipulates a web page so that it returns malicious JavaScript to the user. When the malicious JavaScript runs in the victim's browser, the attacker can get full access to, and control over, whatever the user has access to.


Types of cross-site scripting:

Reflected

Stored

DOM-based


Reflected cross-site scripting

This type of cross-site scripting is the easiest to understand and the most common. Consider a case where the user's browser makes a GET request to the app. In the corresponding HTTP response, some data from that request is sent back to the user.


EXAMPLE:


The app didn't process the data, which is why it is vulnerable. If the user visits or clicks the malicious URL, the script is loaded and executed in the browser. The script can carry out any action and can collect any sensitive data to which the user has access.


NOTE: Data included in HTTP responses should be processed and encoded to prevent this type of attack.
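
The reflected case and the encoding fix from the NOTE above, as an added example (not code from the original post or its reference): a search page that echoes a query parameter, first unchanged and then HTML-encoded on output. The URL, the parameter name "term" and the page markup are constructed for illustration.

```javascript
// Added example: reflected XSS in a search page, unsafe vs. output-encoded.
// The URL, the "term" parameter and the markup are constructed for illustration.

// Replace the five characters that let text break out of HTML element
// content or out of a quoted attribute value.
function escapeHtml(text) {
  const entities = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (ch) => entities[ch]);
}

// Read the untrusted value from the request URL (percent-decoding is done
// by URLSearchParams, so the value arrives as raw characters).
function searchTerm(requestUrl) {
  return new URL(requestUrl).searchParams.get("term") ?? "";
}

// Vulnerable: the request data is copied into the response unchanged,
// both as element content and inside an attribute value.
function renderVulnerable(requestUrl) {
  const term = searchTerm(requestUrl);
  return `<p>You searched for: ${term}</p><input name="term" value="${term}">`;
}

// Hardened: the same page with the value HTML-encoded at output time.
function renderEncoded(requestUrl) {
  const term = escapeHtml(searchTerm(requestUrl));
  return `<p>You searched for: ${term}</p><input name="term" value="${term}">`;
}

// Constructed request: the parameter carries markup instead of a search word.
const sampleUrl =
  "https://shop.example/search?term=" + encodeURIComponent('"><script>alert(1)</script>');

console.log("unencoded:", renderVulnerable(sampleUrl));
console.log("encoded:  ", renderEncoded(sampleUrl));
```

In the first output the browser would parse the parameter as markup; in the second it is displayed as text. This encoder covers HTML element content and quoted attribute values only; data placed inside a script block or a URL needs the encoding for that context.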


Stored cross-site scripting

This type of cross-site scripting occurs when the app receives data from an untrusted source, stores it, and includes that data in an HTTP response later on when a GET request is made.

Ex: comments on a blog post, user nicknames in a chat room, contact details on a customer order, a marketing social media post, any mail, etc.


DOM-based cross-site scripting

This vulnerability occurs when an app contains client-side JavaScript that processes data from an untrusted source in an unsafe way.


Reference: Portswigger.net

