Wikipedia defines XSS as:
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side script into web pages viewed by other users.
There are three main types of XSS:
- Stored XSS or Persistent XSS
- Reflected XSS
- DOM Based XSS
Stored XSS happens when user input is stored on the target server (for example in a database) and later rendered to other users without being made safe for the browser. Any user who can view the stored data can be affected.
Reflected XSS happens when user input is returned immediately in the response and is not validated or encoded before the browser renders it.
DOM Based XSS
DOM-based XSS happens when the page's own client-side script reads attacker-controllable data from the DOM (for example the URL fragment in location.hash) and writes it into a dangerous sink such as innerHTML or document.write without validation. Think of it as a dormant payload, which becomes active only when the page's script manipulates the DOM with it; the payload may never reach the server at all.
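The two defences the three definitions above point at are output encoding for data that comes back from the server (stored and reflected XSS) and never writing DOM-sourced data into a markup sink (DOM-based XSS). The following is an added example, not code from the original article; the function names, the comment data structure and the tab allowlist are assumptions made for the example.

```javascript
// Added example (not from the original article): output encoding for
// stored/reflected XSS and an allowlist pattern for DOM-based XSS.
// Function names and sample data below are constructed for this example.

// HTML-entity-encode untrusted text before placing it in an HTML body context.
function escapeHtml(untrusted) {
  const map = {
    '&': '&amp;', '<': '&lt;', '>': '&gt;',
    '"': '&quot;', "'": '&#x27;', '/': '&#x2F;',
  };
  return String(untrusted).replace(/[&<>"'\/]/g, (ch) => map[ch]);
}

// Reflected XSS: the search term is echoed straight back into the page.
function renderSearchUnsafe(term) {
  return `<p>Results for: ${term}</p>`;
}

// Hardened version: the untrusted value is encoded for the HTML context it lands in.
function renderSearchSafe(term) {
  return `<p>Results for: ${escapeHtml(term)}</p>`;
}

// Stored XSS: comments read back from storage are rendered for every visitor,
// so each field is encoded at render time regardless of who wrote it.
function renderComments(comments) {
  const items = comments.map(
    (c) => `<li>${escapeHtml(c.author)}: ${escapeHtml(c.body)}</li>`,
  );
  return `<ul>${items.join('')}</ul>`;
}

// DOM-based XSS: the page selects a tab from location.hash. Rather than writing
// the fragment into innerHTML, map it through an allowlist of known tab ids and
// fall back to a default for anything else (including malformed percent-encoding).
const ALLOWED_TABS = new Set(['overview', 'settings', 'history']);
const DEFAULT_TAB = 'overview';

function resolveTab(hash) {
  let name;
  try {
    name = decodeURIComponent(String(hash).replace(/^#/, ''));
  } catch (e) {
    return DEFAULT_TAB; // malformed escape sequence such as "%E0%A4%A"
  }
  return ALLOWED_TABS.has(name) ? name : DEFAULT_TAB;
}

// Constructed sample input: a classic markup-bearing string.
const sampleTerm = '<script>alert(1)</script>';
console.log(renderSearchUnsafe(sampleTerm)); // markup is passed through as-is
console.log(renderSearchSafe(sampleTerm));   // markup is rendered as text
console.log(resolveTab('#settings'), resolveTab('#<img src=x>'));
```

The important design point is that encoding happens at the point of output, for the context the data is inserted into (the body-text encoder above is not enough for attribute, URL or JavaScript contexts), and that DOM-side code treats the fragment as a key into known values rather than as markup.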
Common XSS Attacks
Cross-site scripting is one of the most common attacks in today's web applications, and it can be used as the basis for several further attacks. For example:
- Cookie theft and/or account hijacking: This happens when a malicious user is able to exploit an XSS flaw that allows them to gain session information about a user and use it to impersonate the user. For more information read Stealing Cookie With XSS.
- Keylogging: This happens when a malicious user is able to exploit an XSS flaw that allows them to receive key press events on the targeted web page from other users. Read Getting Sassy With XSS Part I – Keystroke Logging for more information.
- Phishing: This happens when a page is vulnerable to XSS and a malicious user crafts a URL to that page containing a payload and sends it to an unsuspecting user. When the user navigates to the page, the attacker is able to gain the user's session information using the XSS payload. More can be read here: Phishing and Cross-Site Scripting.
- Access browser history and clipboard contents
- Control of the browser
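Several of the impacts listed above depend on injected script being able to run and to read the session cookie. As an added example that is not part of the original article, the following builds and checks the response headers that limit that damage; the function names and sample headers are constructed for this example.

```javascript
// Added example (not from the original article): response headers that reduce
// the impact of a successful XSS. Names and sample values are constructed here.

// Build a Set-Cookie header for a session cookie. HttpOnly keeps the value out
// of document.cookie, Secure keeps it off plaintext HTTP, and SameSite limits
// when the browser attaches it to cross-site requests.
function sessionCookieHeader(name, value, { maxAgeSeconds = 3600 } = {}) {
  if (!/^[\w-]+$/.test(name)) throw new Error('invalid cookie name');
  if (/[\s;,]/.test(value)) throw new Error('invalid cookie value');
  return `${name}=${value}; Path=/; Max-Age=${maxAgeSeconds}; HttpOnly; Secure; SameSite=Lax`;
}

// Parse a Set-Cookie header into its name/value pair and attributes
// (attribute keys lower-cased; flag attributes become true).
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const name = eq === -1 ? pair : pair.slice(0, eq);
  const value = eq === -1 ? '' : pair.slice(eq + 1);
  const attributes = {};
  for (const a of attrs) {
    if (!a) continue;
    const [k, v] = a.split('=');
    attributes[k.toLowerCase()] = v === undefined ? true : v;
  }
  return { name, value, attributes };
}

// Report which protections a session cookie header is missing; an empty list
// means the cookie carries HttpOnly, Secure and a restrictive SameSite value.
function missingCookieProtections(header) {
  const { attributes } = parseSetCookie(header);
  const missing = [];
  if (!attributes.httponly) missing.push('HttpOnly');
  if (!attributes.secure) missing.push('Secure');
  const sameSite = String(attributes.samesite || '').toLowerCase();
  if (sameSite !== 'lax' && sameSite !== 'strict') missing.push('SameSite=Lax/Strict');
  return missing;
}

// Content-Security-Policy that allows only same-origin scripts carrying the
// per-response nonce, so an injected inline <script> has nowhere to run from.
function cspHeader(nonce) {
  if (!/^[A-Za-z0-9+\/=]{16,}$/.test(nonce)) throw new Error('nonce must be base64, 16+ chars');
  return `default-src 'self'; script-src 'self' 'nonce-${nonce}'; object-src 'none'; base-uri 'self'`;
}

// Constructed sample headers: one hardened, one as commonly seen in the wild.
const hardened = sessionCookieHeader('sid', 'abc123');
const weak = 'sid=abc123; Path=/';
console.log(missingCookieProtections(hardened)); // []
console.log(missingCookieProtections(weak));     // [ 'HttpOnly', 'Secure', 'SameSite=Lax/Strict' ]
console.log(cspHeader('c29tZXJhbmRvbW5vbmNl'));
```

HttpOnly stops script from reading the cookie but does not stop injected script from issuing requests that carry it, so it narrows cookie theft rather than preventing account misuse; the CSP is what keeps the injected script from executing in the first place, and output encoding (as in the earlier definitions) is what keeps it out of the page.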