XSS
An abbreviation of cross-site scripting. XSS is a security breach that takes advantage of dynamically generated Web pages. In an XSS attack, a Web application is sent with a script that activates when it is read by an unsuspecting user��s browser or by an application that has not protected itself against cross-site scripting. Because dynamic Web sites rely on user input, a malicious user can input malicious script into the page by hiding it within legitimate requests. Common exploitations include search engine boxes, online forums and public-accessed blogs. Once XSS has been launched, the attacker can change user settings, hijack accounts, poison cookies with malicious code, expose SSL connections, access restricted sites and even launch false advertisements. The simplest way to avoid XSS is to add code to a Web application that causes the dynamic input to ignore certain command tags.
Scripting tags that take advantage of XSS include <SCRIPT>, <OBJECT>, <APPLET>, <EMBED> and <FORM>. Common languages used for XSS include JavaScript, VBScript, HTML, Perl, C++, ActiveX and Flash.
Cross-site scripting also is referred to as malicious tagging and sometimes abbreviated as CSS, though CSS is more commonly used as an abbreviation for cascading style sheets.
-
1
private cloud project
Companies initiate private cloud projects to enable their IT infrastructure to become more capable of quickly adapting to continually evolving...
-
2
cloud backup
A cloud backup (cloud computer backup) refers to backing up data to a remote, cloud-based server. As a form of cloud storage, cloud backup data is...
-
-
3
mobile operating system
The mobile operating system is the software platform on top of which other programs, called application programs, can run on mobile devices.
-
4
big data
A catch-phrase, used to describe a massive volume of both structured and unstructured data that is so large that it's difficult to process with...
-
5
enterprise application
An enterprise application is the term used to describe applications -- or software -- that a business would use to assist the organization in...
-
6
private cloud
The phrase used to describe a cloud computing platform that is implemented within the corporate firewall, under the control of the IT department....
-
7
BYOD - bring your own device
A phrase that has become widely adopted to refer to mobile workers bringing their own mobile devices, such as smartphones, laptops and PDAs, into...
-
8
consumerization of IT
Consumerization of IT is a phrase used to describe the cycle of information technology (IT) emerging in the consumer market then spreading to...
-
9
CRM - Customer Relationship Management
Short for customer relationship management, CRM entails all aspects of interaction a company has with its customer, whether it be sales or service...
-
10
ERP - Enterprise Resource Planning
Short for enterprise resource planning, ERP is business management software that allows an organization to use a system of integrated applications...
Connect with Webopedia
-
-
Android Apps for Remote Computer Access
Remote access is useful when you need to collaborate with co-workers, help a friend with PC problems or grab files from your desktop.
