The IT Law Wiki

Cross-site scripting

32,297pages on
this wiki
Add New Page
Talk0 Share

Definitions Edit

A cross-site scripting (XSS) attack is

[a]n attack that uses third-party web resources to run script within the victim's web browser or scriptable application. This occurs when a browser visits a malicious website or clicks a malicious link. The most dangerous consequences occur when this method is used to exploit additional vulnerabilities that may permit an attacker to steal cookies (data exchanged between a web server and a browser), log key strokes, capture screen shots, discover and collect network information, and remotely access and control the victim's machine.[1]
a type of computer security vulnerability that uses malicious script imbedded in an otherwise benign and trusted web applications to gather user data. When the script is executed (e.g., when a user clicks on a compromised link in an email message or reads an infected forum post), sensitive user data can be accessed by the attacker.[2]

References Edit

  1. Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use, at 4.
  2. Privacy Technical Assistance Center, Cross-site scripting (full-text).

See also Edit

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Also on Fandom

Random Wiki