Cross Site Scripting

Description

XSS is a special type of injection vulnerability, when an attack is successful, the code is executed on the client side, whereas most other types of injection vulnerabilities are executed on the server side. The way to defend against XSS attack is a combination of input validation and out put encoding/escaping.[1]

  1. Alice and Bob Learn Application Security ↩︎