![]() ![]() Security on the web depends on a variety of mechanisms, including an underlying concept of trust known as the same-origin policy. Main articles: Web security and Same-origin policy It initially was an attack that was used for breaching data across sites, but gradually started to include other forms of data injection attacks. OWASP considers the term cross-site scripting to be a misnomer. Range from petty nuisance to significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site's owner network. During the second half of 2007, 11,253 site-specific cross-site vulnerabilities were documented by XSSed, compared to 2,134 "traditional" vulnerabilities documented by Symantec. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. For other uses, see XSS (disambiguation).Ĭross-site scripting ( XSS) is a type of security vulnerability that can be found in some web applications.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |