The Cross Site scripting is one of the problems that have plagued a lot of websites. Cross site scripting or XSS, is a term for a category of security issues in which an attacker injects HTML tags or scripts into a target website.
Cross-site scripting vulnerabilities date back to 1996 during the early days of the World Wide Web. A time when e-commerce began to take off, the bubble days of Netscape, Yahoo and the obnoxious blink tag.
In December 1999, David Ross was working in security response for Internet Explorer at Microsoft. He was inspired by the work of Georgi Guninsky who was at the time finding flaws in Internet Explorers security model.
David demonstrated that web content could expose ‘Script Injection’ effectively by -passing the same security guarantees by passed by Georgi’s Internet Explorer code flaws, but where the fault seemed to exist on the server side instead of the client side Internet Explorer code.
Cross site scripting can be performed by passing scripts in form of:
*TextBox
*Cookies
*Query Strings
*Web application variable
*Session variables
A web page is vulnerable to cross site scripting if it dynamically generates document content and bases that content on user submitted date without first ‘sanitizing’ that data by removing any embedded HTML tags from it.
Cross-site scripting
A computer system comprises hardware and software components, aiming to offer a powerful computational tool. These systems play a crucial role across diverse domains, aiding us in numerous tasks. The prevalence of the internet has significantly bolstered the utilization of computers for information sharing and communication. Computer systems empower us to store, process, display, and transmit information. Even in a basic modern computer system, multiple programs are typically required to carry out various functions effectively.
The Most Popular Posts
-
Electronic commerce (E-commerce) applications facilitate the buying and selling of products, services, and information over the Internet and...
-
The earliest device that qualifies as a digital computer is the “abacus” also known as “soroban”. Abacus is the simplest form of a digital c...
-
The PageRank algorithm, developed by Larry Page and Sergey Brin, is a cornerstone of modern search engine technology. Introduced in 1996 dur...
-
Software is the essential enabler for the new economy and science. It creates new markets and new directions for a more reliable. There h...
-
The utility programs is a type of system software that allows a user to perform maintenance-type tasks, usually related to managing computer...