Glossary of Security Terms: Cross-Site Scriptingby@mozilla
126 reads

Glossary of Security Terms: Cross-Site Scripting

by Mozilla Contributors1mAugust 27th, 2020
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

Cross-site scripting (XSS) is a security exploit which allows an attacker to inject into a website malicious client-side code. This code is executed by the victims and lets the attackers bypass access controls and impersonate users. According to the Open Web Application Security Project, XSS was the seventh most common Web app vulnerability in 2017. These attacks succeed if the Web app does not employ enough validation or encoding. The user's browser cannot detect the malicious script is untrustworthy, and so gives it access to any cookies, session tokens, or other sensitive site-specific information.

Company Mentioned

Mention Thumbnail
featured image - Glossary of Security Terms: Cross-Site Scripting
Mozilla Contributors HackerNoon profile picture
Mozilla Contributors

Mozilla Contributors

@mozilla

Mozilla (stylized as moz://a) is a free software community founded in 1998 by members of Netscape.

About @mozilla
LEARN MORE ABOUT @MOZILLA'S
EXPERTISE AND PLACE ON THE INTERNET.

Share Your Thoughts

About Author

Mozilla Contributors HackerNoon profile picture
Mozilla Contributors@mozilla
Mozilla (stylized as moz://a) is a free software community founded in 1998 by members of Netscape.

TOPICS

THIS ARTICLE WAS FEATURED IN...

Permanent on Arweave
Read on Terminal Reader
Read this story in a terminal
 Terminal
Read this story w/o Javascript
Read this story w/o Javascript
 Lite
L O A D I N G
. . . comments & more!