Cross-site scripting(XSS)

Know IT now


Cross-site scripting (XSS) is a type of computer security vulnerability. The expression “cross-site scripting” originated from the fact that a malicious web site could load another web site into another frame or window then use JavaScript to read or write data on the other web site. The definition gradually changed to mean the injection of HTML and JavaScript into a web page, causing confusion since the name no longer reflects the latest definition. By finding clever ways of injecting malicious scripts into web pages an attacker can gain elevated access privileges to sensitive page content, session cookies, and a variety of other objects.