Hi there, today I will introduce you to a type of web vulnerability found on most servers on the internet. It is called Cross site scripting.
Cross site scripting (commonly known as an XSS attack) is a form of gaining access to a person’s browser cookies and session ids therefore compromising his/her privacy.
You may be asking yourself HOW?
The hacker does not need to have access to the victim’s system. The attacker, instead exploits a vulnerability (in this case XSS) in a website that the victim visits in order to get the website to execute the malicious code to the victim’s browser. The victim’s browser takes the codento be from the website itself hence the code is executed by the victim’s browser since it seems to originate fron the server the victim is connected to.
The main goal of an XSS attack is to execute malicious code snippets in the victim’s browser.
That is all for today. See you next time where I will discuss about the various types of XSS attacks.
Don’t forget to follow me so as to never miss out on anything.
Disclaimer: The content on this blog should he used purely for education purposes or by security researches and system admins to fix XSS vulnerabilities on their systems. I shall not be held liable for the wrong use of these techniques.