Cross Site Scripting

What Does Cross Site Scripting Mean?

Cross Site Scripting (XSS) is the process of addition of malicious code to a genuine website to gather user’s information with a malicious intent. XSS attacks are possible through security vulnerabilities found in Web applications and are commonly exploited by injecting a client-side script. Although JavaScript is usually employed, some attackers also use VBScript, ActiveX or Flash.

Advertisements

Techopedia Explains Cross Site Scripting

When an XSS vulnerability is successfully exploited, the server application can be seriously exposed to major risks. For instance, users can be duped into executing malicious scripts when viewing dynamically generated pages. Another possibility involves an attacker taking over a user session before its corresponding session cookie expires. In yet another case, innocent users can be connected to a malicious server.

In practically all scenarios, a victim’s system is attacked by using the victim’s privileges themselves. The attacks can then evolve into account hijacking, cookie theft, false advertising and modifications in the user settings of the victim’s account.

One way of mitigating the risks of XSS exploits is by turning off active scripting in browsers. Unfortunately, this also takes away a browser’s capability to execute dynamic websites and isn't a realistic solution for most users.

Advertisements

Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse
Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…

Related News

dummy_img
Blockchain

Experts Roundtable: What DEXs Must Do Better for Adoption

Iliana Mavrou2 years
dummy_img
Artificial Intelligence

AI Alliance: More Than 50 Organizations Cast Wide Safety Net

Nicole Willing2 years
dummy_img
Featured Content

Chimpzee (CHMPZ) Will Soon End Its Presale, Enter Now Before Inevitable 10x Growth After Exchange Listing

Alan Draper2 yearsEditor-in-Chief
dummy_img
Artificial Intelligence

Understanding DePIN Protocols: How AI and Crypto Fit Together

Mensholong Lepcha2 yearsCrypto & Blockchain Writer
dummy_img
Artificial Intelligence

12 Best AI Books: What To Read If You Want to Learn & Earn

Tim Keary2 yearsTechnology Expert
dummy_img
Buzzwords and Jargon

8 Tech Terms & Buzzwords You Need to Know for 2024

Neil C. Hughes2 yearsSenior Tech Writer

Popular Categories
Show All

Antivirus
Antivirus
Artificial Intelligence
Artificial Intelligence
Audio
Audio
CRM
CRM
Cryptocurrency
Cryptocurrency
Gambling
Gambling
Gaming
Gaming
HR
HR
Investing
Investing
Laptops
Laptops
Network
Network
Password Managers
Password Managers
Project Management
Project Management
Spy
Spy
VoIP
VoIP
VPN
VPN