Cross-site scripting (XSS) is an attack in which the attacker injects malicious script into a web page or application so that it runs in the victim's browser. The attack succeeds when the victim opens the affected page or application, at which point the injected script is executed. A common entry point is user-supplied content, such as the comment section of a forum or web page, where the attacker can easily post.
How does XSS work
What is a cross-site scripting vulnerability? The attack targets websites that fail to neutralise user-supplied input: the attacker sends malicious JavaScript through the vulnerable website to the user. When the user's browser executes that code, the attacker gains full control of the victim's interaction with the application.
The types of XSS attacks
- Reflected XSS, in which the malicious code arrives in the current HTTP request.
- Stored XSS, in which the malicious code is served from the site's own database.
- DOM-based XSS, in which the vulnerability lies in client-side code rather than server-side code.
Reflected XSS
It is the simplest form of cross-site scripting. It occurs when data supplied in an HTTP request is included in the immediate response in an unsafe way.
If the user visits a URL crafted by the attacker, the attacker's script executes in the user's browser within the context of the application. The script can then read the user's data and perform any action the user is able to perform.
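The reflected flow described above, as an added example that is not part of the original article: a minimal search-page renderer in the vulnerable form and beside it the hardened form that encodes the request data on output. The function names (escapeHtml, queryFromUrl, renderSearchVulnerable, renderSearchSafe, containsScriptTag) and the sample link are constructed for this example.

```javascript
// Added example (not from the original article). Demonstrates reflected XSS:
// data from the HTTP request is copied into the immediate response.

// Encode the five characters that let attacker-controlled text change the
// structure of an HTML document. Output in the HTML body context then stays
// text instead of becoming markup.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Pull the search term out of a request URL the way a server handler would.
// Everything after "q=" is attacker-controllable: the victim only has to
// follow a link the attacker crafted.
function queryFromUrl(url) {
  return new URL(url, 'http://localhost').searchParams.get('q') || '';
}

// Vulnerable: the raw request data is interpolated straight into the page.
function renderSearchVulnerable(url) {
  const q = queryFromUrl(url);
  return `<p>Results for: ${q}</p>`;
}

// Hardened: the same data is HTML-encoded at the point of output.
function renderSearchSafe(url) {
  const q = queryFromUrl(url);
  return `<p>Results for: ${escapeHtml(q)}</p>`;
}

// Detection helper: does the rendered page contain a script element that was
// not part of the template? Crude, but enough to show the difference.
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample: a link an attacker might send. The payload is a
// harmless marker so the effect is visible in the output strings.
const craftedLink = '/search?q=' + encodeURIComponent('<script>probe()</script>');

console.log(renderSearchVulnerable(craftedLink));
// <p>Results for: <script>probe()</script></p>   (would execute in the victim's browser)
console.log(renderSearchSafe(craftedLink));
// <p>Results for: &lt;script&gt;probe()&lt;/script&gt;</p>   (displayed as text)
```

The fix is applied at the output, not the input: the search term is stored and logged unchanged, and only the encoding step decides whether the browser sees text or markup.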
Stored XSS
Stored XSS occurs when the application receives data from an untrusted source, stores it, and later includes it in its responses in an unsafe way, so the malicious code becomes part of the site itself.
The data is usually submitted to the application through an HTTP request, for example in the comments section of a blog post. In other scenarios the data arrives from other untrusted sources.
DOM-based XSS
DOM-based XSS occurs when the application's client-side JavaScript processes data from an untrusted source in an unsafe way, usually by writing it to the DOM.
How XSS is used
The attacker with the XSS can usually do these things:
- Perform any action that the user can perform.
- Read any data that the user can access.
- Capture the user's login credentials.
- Inject malicious scripts into the site, turning it into a stored attack against other users.
- Hijack the user's activity within the application.
Capabilities of XSS vulnerabilities
The real impact of an XSS attack generally depends on the nature of the application, its functionality and data, and the privileges of the compromised user. For example:
Where the application holds sensitive user data such as banking details or email, the impact of the attack is much worse.
If the compromised user has elevated privileges in the application, the impact is severe: the attacker can gain full control of the application and access all of its data.
Prevention from XSS
Preventing cross-site scripting is trivial in some cases but can be much harder depending on the complexity of the application and the ways in which it handles user-controllable data.
In general, effectively preventing XSS vulnerabilities involves a combination of the following measures:
Filtering the input: whenever input is received from the user, filter it as strictly as possible based on what is expected.
Encoding data on output: at the point where user-controllable data is written into an HTTP response, encode it so that it is not interpreted as code. Depending on the output context, this may require a combination of HTML, JavaScript and CSS encoding.
Content Security Policy: as a last line of defence, a CSP reduces the severity of any XSS vulnerabilities that still occur.