Curriculum
Course: Cyber Security
Login

Curriculum

Cyber Security

Text lesson

XSS (“Cross-Site Scripting”)

XSS exploits the server to target its visitors rather than the server itself. Attackers inject uncleaned JavaScript values that, when executed by unsuspecting users who click malicious links or visit compromised resources, run the attacker’s code in the users’ browsers. For instance, Eve could send a link to Alice containing the XSS attack.

XSS

This attack, called Reflected XSS, occurs when Eve discovers a vulnerability and sends a malicious link to an unsuspecting user. When the user clicks the link, the attack is executed, causing the web server to reflect the attack back to the victim.