Cross-Site scripting defined
Cross-Site scripting, also known as XSS, is the most common application vulnerability exploit found in web applications today. This code is executed via the unsuspecting user's web browser by manipulating scripts such as JavaScript and HTML. A successful XSS exploit can result in scripts being embedded into a web page. These scripts are executed every time a user visits the page or whenever a specific action is performed. Here are some points to remember about XSS:
- XSS is a vulnerability that can be exploited by infecting applications.
- The victim is actually the user that unknowingly visits a page or performs an action that triggers the exploit.
- The exploit is most-commonly triggered via JavaScript.