  • XSS is the short form of Cross Site Scripting.
  • XSS is a type of vulnerability which is used to inject malicious code into the target website.
  • XSS is based on JavaScript.
  • XSS can be server side as well as client side.
  • Server side is known as source based and client side is known as DOM (Document Object Model) based.
  • XSS needs a parameter to inject into.
  • There may be hidden parameters.
  • XSS is divided into 3 types:

   1. Reflected XSS (rXSS).
   2. Stored XSS (sXSS).
   3. DOM based XSS.

Reflected XSS.

  • Reflected XSS is when the hacker injects malicious code into a parameter; the code goes to the server and is then reflected back to the client side.
  • Reflected XSS is known as rXSS.

Stored XSS.

  • Stored XSS is when the hacker injects malicious code into a parameter whose value is stored on the server, typically in a database, such as a profile or a forum. The malicious code is then stored on the server and runs every time we log in.
  • Stored XSS is known as sXSS.
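
The reflected and stored cases described above, as an added example (not code from the original post): in both, a parameter value is written into the page without output encoding, and the same encoding step makes it inert. The function names, the `q` parameter, the in-memory comment store and the probe string are constructed for illustration.

```javascript
// Encode the five characters that let text break out of HTML element or
// quoted-attribute context. "&" must be replaced first.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Reflected case: the value of the "q" parameter comes straight from the
// request and is written into the response for that same request.
function renderSearch(queryString, encode) {
  const q = new URLSearchParams(queryString).get("q") || "";
  return "<p>Results for: " + (encode ? escapeHtml(q) : q) + "</p>";
}

// Stored case: the value was saved earlier (an in-memory array stands in
// for the database) and is written into every later page view.
const comments = [];
function saveComment(text) {
  comments.push(text);
}
function renderComments(encode) {
  return "<ul>" + comments
    .map((c) => "<li>" + (encode ? escapeHtml(c) : c) + "</li>")
    .join("") + "</ul>";
}

// Constructed test input: a harmless marker showing whether markup survives.
const probe = "<script>alert(1)</script>";
const request = "q=" + encodeURIComponent(probe);
saveComment(probe);

console.log(renderSearch(request, false)); // markup reaches the page intact
console.log(renderSearch(request, true));  // markup arrives as inert text
console.log(renderComments(false));        // stored value, unencoded
console.log(renderComments(true));         // stored value, encoded on output
```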

DOM based XSS.

  • DOM based XSS is when the attacker's malicious code (payload) results in a modification of the DOM (Document Object Model); it is executed in the victim's browser as a client-side script and runs in an unexpected manner.

Author: Param Dhagia

