Hey Techknow
Addicts,
· XSS
is the short-form of Cross Site Scripting.
· XSS
is a type of vulnerability which is used to inject malicious code to the target
website.
·
XSS
is based on javascript.
· XSS
can be Server side as well as Client side.
·
Server
Side is known as Source based and Client side is known as DOM (Document Object
Model) based.
·
There
may be hidden parameter.
·
XSS
is divided into 3 types.
1.
Reflected
XSS (rXSS).
2.
Stored XSS.(sXSS).
3.
DOM
based XSS.
Reflected XSS.
- Reflected XSS is
when the hacker tries to inject malicious code to any parameter it goes to
server and then reflects back to client side.
- Reflected XSS is known as rXSS.
Stored XSS.
- Stored XSS is
when the hacker tries to inject malicious code to particular parameter
which is typically database type in short the parameter which is stored in
server such as profile or a forum so at that time the malicious code is stored
in the server and runs every time we login.
DOM based XSS.
- DOM based XSS is
when attacker executes malicious code (payload) it results into
modification of the DOM (Document
Object Model ) and it is executed in victims browser as a client side
script and runs into unexpected manner.
Author: Param Dhagia
Thank You for your valuable time.
Stay Tuned for more Tech,Ethical hacking and
Cyber Security related stuff..!!!
0 Comments