Cross site scripting (XSS)
- April 27, 2021
- Posted by: Nicola Selenu

Cross-site scripting (XSS) is an attack in which a user injects malicious script into an otherwise trusted website. The malicious script then runs in the victim's web browser, often in an attempt to steal user information such as credentials, session cookies and other sensitive data. Anywhere that allows user input can be vulnerable to an XSS attack. To avoid these attacks, a web developer must ensure that user input is validated and encoded before the application outputs it. Despite being discovered in the 1990s, cross-site scripting has consistently remained one of OWASP's top 10 web application security risks.
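
The validation and encoding step described above, as an added example that is not part of the original glossary entry: a comment renderer written the vulnerable way beside a hardened version. The function names and the sample comment are constructed for illustration.

```javascript
// Added example: validate and encode untrusted input before writing it into HTML.
// All names and sample inputs are constructed for illustration.

const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Encode for an HTML text node or a quoted attribute value.
function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Validate a user-supplied link: only absolute http(s) URLs are accepted.
// Encoding alone does not help here, since "javascript:..." contains nothing to escape.
function validateLink(value) {
  let url;
  try {
    url = new URL(String(value).trim());
  } catch {
    return null; // not an absolute URL
  }
  return url.protocol === "http:" || url.protocol === "https:" ? url.href : null;
}

// Vulnerable: untrusted fields are concatenated straight into markup.
function renderCommentUnsafe(c) {
  return `<p><a href="${c.website}">${c.name}</a>: ${c.text}</p>`;
}

// Hardened: the link is validated, then every field is encoded for its HTML context.
function renderCommentSafe(c) {
  const link = validateLink(c.website);
  const name = encodeHtml(c.name);
  const author = link ? `<a href="${encodeHtml(link)}">${name}</a>` : name;
  return `<p>${author}: ${encodeHtml(c.text)}</p>`;
}

// Constructed sample input carrying script in two different places.
const sample = {
  name: "Mallory",
  website: "javascript:alert(1)",
  text: "<script>alert(1)</script>",
};

console.log(renderCommentUnsafe(sample)); // markup still contains live script
console.log(renderCommentSafe(sample));   // script arrives as inert text, link dropped
```

The hardened renderer covers HTML text and quoted-attribute contexts only; values placed inside inline scripts, CSS or unquoted attributes need their own encoding rules.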