Webopedia on Google+Webopedia on TwitterWebopedia on FacebookTech Bytes Blog
Main » TERM » X »

XSS - cross-site scripting

cross-site scripting (XSS) is a security breach that takes advantage of dynamically generated Web pages. In an XSS attack, a Web application is sent with a script that activates when it is read by an unsuspecting user's browser or by an application that has not protected itself against cross-site scripting. Because dynamic Web sites rely on user input, a malicious user can input malicious script into the page by hiding it within legitimate requests.

Common Languages and Exploitation

Common exploitation include search engine boxes, online forums and public-accessed blogs. Once XSS has been launched, the attacker can change user settings, hijack accounts, poison cookies with malicious code, expose SSL connections, access restricted sites and even launch false advertisements. The simplest way to avoid XSS is to add code to a Web application that causes the dynamic input to ignore certain command tags.

Cross-site scripting also is referred to as malicious tagging and sometimes abbreviated as CSS, though CSS is more commonly used as an abbreviation for cascading style sheets.







TECH RESOURCES FROM OUR PARTNERS
LATEST ARTICLES
SEO Dictionary

From keyword analysis to backlinks and Google search engine algorithm updates, our search engine optimization glossary lists 85 SEO terms you need... Read More »

Slideshow: History of Microsoft Operating Systems

Microsoft Windows is a family of operating systems for personal computers. In this article we look at the history of Microsoft operating... Read More »

Slideshow: Interesting Facts About Google Search

From Goats to Penguins, a server outage and trillions of searches, our slideshow presents interesting facts about Google and the Google.com... Read More »

STUDY GUIDES
Java Basics, Part 1

Java is a high-level programming language. This guide describes the basics of Java, providing an overview of syntax, variables, data types and... Read More »

Java Basics, Part 2

This second Study Guide describes the basics of Java, providing an overview of operators, modifiers and control Structures. Read More »

The 7 Layers of the OSI Model

The Open System Interconnection (OSI) model defines a networking framework to implement protocols in seven layers. Use this handy guide to compare... Read More »