XSS: Difference between revisions

From charlesreid1
No edit summary
Line 4: Line 4:


https://portswigger.net/web-security/cross-site-scripting/cheat-sheet
https://portswigger.net/web-security/cross-site-scripting/cheat-sheet
=Notes=


==Types of Cross Site Scripting==
==Types of Cross Site Scripting==
Line 14: Line 12:
* Stored XSS - the script comes from the website's database
* Stored XSS - the script comes from the website's database
* DOM-based XSS - the script is injected client-side rather than server-side
* DOM-based XSS - the script is injected client-side rather than server-side
=Notes=

Revision as of 20:11, 13 April 2022

Overview

Cheat Sheet

https://portswigger.net/web-security/cross-site-scripting/cheat-sheet

Types of Cross Site Scripting

There are three main types of XSS attacks. These are:

  • Reflected XSS - the script comes from the current HTTP request
  • Stored XSS - the script comes from the website's database
  • DOM-based XSS - the script is injected client-side rather than server-side



Notes

Retrieved from "https://charlesreid1.com/w/index.php?title=XSS&oldid=29476"