6. Cross Site Scripting (XSS)

Cross Site Scripting (XSS) is a vulnerability that occurs when an attacker injects malicious code into a web page or application, which is then executed in another user's browser. This typically happens because the application does not properly sanitize and validate user input, allowing code injection.

Types of XSS vulnerabilities:

  • Stored XSS: An attacker submits malicious script to the server, which stores it (for example in a database). When a user later requests a page that includes that stored data, the script is executed in that user's browser.
  • Reflected XSS: Malicious code is injected into a URL that is sent to the server. The server includes this code in the response, which is then executed in the user's browser when they follow the link.
  • DOM-based XSS: Here, the malicious code is injected through client-side JavaScript that writes attacker-controlled data into the Document Object Model (DOM) of the page. This type of XSS occurs entirely in the user's browser, when it processes those DOM changes, rather than in the server's response.
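As an added example that is not part of this course material, the following Node.js snippet shows a reflected-XSS sink of the kind described above next to its hardened form. The "search page" template, the function names and the sample input are constructed for illustration.

```javascript
// Added example (constructed, not from the course): a reflected-XSS sink and
// its hardened counterpart, runnable under Node.js without a browser.

// Escape the five characters that let data break out of an HTML text node or
// a double-quoted attribute value. This is output encoding, not input
// validation: the raw value is kept, but rendered so the browser treats it as text.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable: the query parameter is concatenated straight into the response,
// so any markup in the parameter is parsed by the victim's browser
// (reflected XSS, as described in the list above).
function renderSearchVulnerable(query) {
  return `<p>Results for: ${query}</p>`;
}

// Hardened: the same page, with the value encoded for the HTML text context.
// Output encoding is the primary fix; HttpOnly session cookies and a
// Content-Security-Policy limit the damage if an encoding gap remains.
function renderSearchHardened(query) {
  return `<p>Results for: ${escapeHtml(query)}</p>`;
}

// Makes the difference observable in a test: does the rendered page contain
// any tag that did not come from the template itself? This helper is a
// detection aid for the demonstration, not a substitute for encoding.
function containsForeignTag(html) {
  const expected = new Set(['p', '/p']);
  return [...html.matchAll(/<\s*(\/?\w+)/g)]
    .some((m) => !expected.has(m[1].toLowerCase()));
}

// Constructed probe: the classic harmless canary used to confirm that markup
// from the request is interpreted as script by the browser.
const probe = '<script>alert(1)</script>';
console.log('vulnerable :', renderSearchVulnerable(probe));
console.log('hardened   :', renderSearchHardened(probe));
```

The same discipline applies to DOM-based XSS on the client: write untrusted data with `textContent` (or encode it as above) rather than assigning it to `innerHTML`.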

Potential risks of XSS:

  • Data theft: An attacker can gain access to a user's personal data, such as passwords, session cookies, and other confidential information.
  • Session hijacking: An attacker can hijack a user's session and gain access to their account without permission.
  • Content manipulation: Malicious actors can alter the content of web pages, leading to user deception or the spread of false information.
  • Distribution of malicious scripts: Attackers can distribute harmful scripts among users, tricking them into performing dangerous actions.

By studying this section, you will learn:

  • Basics of JavaScript
  • XSS theory and types of vulnerabilities
  • Exploiting XSS, including:
      • Loading code (payload) from an external resource
      • Stealing session cookies
      • Stealing browser data
      • Creating and injecting keyloggers
      • Stealing stored browser passwords
      • Phishing users