XSS: Cross Site Scripting

Description:

XSS stands for Cross Site Scripting. It is one of the most prevalent web vulnerabilities found in the world.
In this type of attack an attacker injects malicious code into a web application which, when rendered to a victim, can compromise the victim's session with the web application.

This type of attack commonly occurs when the web application accepts input from users but does not validate, sanitize or encode it.

But How?

The attacker sends a malicious script to a victim, and since the browser has no way to check its authenticity, it ends up executing it. The malicious script could gather the session tokens, cookies and other details of the victim and send them to the attacker.
The attacker can then use the tokens/cookies to impersonate the victim and entirely compromise the victim's account.
He could change the email address, password or any other critical information.

If the compromised victim had administrative privileges, the attacker could compromise the entire web server and even bring it down.

A bug bounty hunter was able to trigger XSS by exploiting a vulnerability in the Zoom.us application.

Types of XSS

  1. Reflected XSS
  2. Stored XSS
  3. DOM-Based XSS

The most basic XSS attack is the Reflected XSS attack. It occurs when a victim triggers a malicious script that is reflected off the web application into the victim's browser. It is also called a Non-Persistent XSS attack.
Read more about Reflected XSS Attacks Here.

Also known as Persistent XSS or Second-Order XSS, a Stored XSS attack occurs when the web application accepts a client-injected malicious script and stores it on the web server. The malicious script is then rendered to victims as part of the response from the web application.
Read more about Stored XSS Attacks Here.

A DOM-Based XSS attack is a type of XSS attack in which the web application takes in data and writes it into the Document Object Model. An attacker can manipulate this data to execute malicious JavaScript code. These are also called Type 0 XSS attacks.
Read more about it Here.
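The following is an added example, not code from the original page: a minimal "search results" page renderer written twice, once reflecting the user's query raw (the missing validate/sanitize/encode step described above, which produces a Reflected XSS) and once HTML-encoding it at output time. All function names and the sample input are constructed for this illustration.

```javascript
// Encode the five characters that let user input break out of an HTML text
// node or attribute value. Encoding at output time, for the context the data
// lands in, is the core mitigation for reflected and stored XSS.
function htmlEncode(str) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(str).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable renderer: the query parameter is interpolated straight into the
// markup, so any tags it contains become part of the page the victim loads.
function renderSearchVulnerable(query) {
  return `<h1>Results for: ${query}</h1>`;
}

// Hardened renderer: the same page, with the query encoded for an HTML text
// context before it is written into the response.
function renderSearchSafe(query) {
  return `<h1>Results for: ${htmlEncode(query)}</h1>`;
}

// Crude check used only to show the difference between the two renderers:
// did a <script> element originating from user input end up in the page?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample query of the kind the text describes (a script the
// attacker hopes the victim's browser will execute). Harmless marker only.
const sampleInput = '<script>alert("xss")</script>';

// Ordinary input must survive encoding with its meaning intact, which is why
// encoding is preferred over stripping characters.
const benignInput = "O'Reilly & <Sons>";

// Stand-alone demonstration.
console.log("vulnerable:", renderSearchVulnerable(sampleInput));
console.log("safe:      ", renderSearchSafe(sampleInput));
console.log("benign:    ", renderSearchSafe(benignInput));
```

Run with `node` to see the encoded output; the same encoding rule applies to stored data read back from the server, since the defect is in how output is written, not in where the input came from.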