What is a cross-site scripting vulnerability and how does an attacker carry out a cross-site scripting attack? Find out in this walkthrough from Infosec Skills author John Wagnon.
How does cross-site scripting work?
Cross-site scripting attacks use insecure web applications to send malicious code to users. This can lead to a variety of negative outcomes for end users and organizations ranging from account compromise to data theft.
In this episode of Cyber Work Applied, John walks through what a cross-site scripting attack is, how they work and what you can do to defend against them. Watch the full walkthrough below:
How cross-site scripting attacks work | Free Cyber Work Applied series
New episodes of Cyber Work Applied are released every other week. Check out the full collection of free Cyber Work Applied training videos.
Cross-site scripting attack: Demo and walkthrough
The edited transcript of John’s cross-site scripting walkthrough is provided below.
Cross-site scripting and the OWASP Top 10
(0:00–0:25) Many of you have heard the term cross-site scripting, but do you know how it works?
Cross-site scripting has been one of the OWASP Top 10 security risks since the list was created way back in 2003, and