Saturday, 8 December 2018

XSS

Common safety prevention against XSS

Cross-site Scripting (XSS) Attack "Cross-site Scripting (XSS) refers to client-side code injection attack wherein an attacker can execute malicious scripts (also commonly referred to as a malicious payload) into a legitimate website or web application. XSS is amongst the most rampant of web application vulnerabilities and occurs when a web application makes use of unvalidated or unencoded user input within the output it generates."
How it works

Preventions
  • Basic Input validations on Client Side Code
  • Strong Input validations on Server Side Code. Including retrieving all possible valid input validations from database to validate input
Source Article:
https://www.acunetix.com/websitesecurity/cross-site-scripting

No comments:

Post a comment