https://blog.s4yhii.com/tags/xss/ Recent content in Xss on s4yhii's blog https://blog.s4yhii.com/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E https://blog.s4yhii.com/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E Hugo -- 0.155.3 en-us Mon, 14 Feb 2022 12:00:00 -0400 https://blog.s4yhii.com/posts/2022-02-14-cross-site-scripting-xss/ Mon, 14 Feb 2022 12:00:00 -0400 https://blog.s4yhii.com/posts/2022-02-14-cross-site-scripting-xss/ <p>Cross-site scripting known as XSS is a web vulnerability in which malicious scripts are injected int benign and trusted websites. XSS occur when an attacker send malicious code in any user input fields in a browser to a different end-user.</p> <h2 id="mechanisms">Mechanisms</h2> <p>In an XSS attack the attacker inject script in HTML code so you&rsquo;ll have to know javascript and HTML syntax, wbe uses scripts to control client-side application logic and make the website interactive, for example this script generates <em>Hello!</em> pop-up on the web page:</p>