BestHub
Sign in
Tag

cross-site scripting

1 views collected around this technical thread.

IT Services Circle
IT Services Circle
Jul 25, 2023 · Information Security

Exploiting XSS Vulnerabilities and Same‑Origin Policy to Upgrade Risk Levels

This article explains how to combine reflected and stored cross‑site scripting attacks with same‑origin policy abuse to turn a low‑severity XSS vulnerability into a high‑severity issue, detailing discovery, exploitation steps, and a JavaScript payload that harvests user data.

JavaScriptSame-Origin PolicyVulnerability Exploitation
0 likes · 8 min read
Exploiting XSS Vulnerabilities and Same‑Origin Policy to Upgrade Risk Levels
Full-Stack Internet Architecture
Full-Stack Internet Architecture
Dec 23, 2020 · Information Security

Comprehensive Summary of XSS (Cross‑Site Scripting) Attacks and Defenses

This article provides a comprehensive overview of Cross‑Site Scripting (XSS), covering its definition, impact, underlying mechanisms, classification, common injection vectors, defensive strategies, practical Q&A, and a curated list of reference resources for developers and security professionals.

Web SecurityXSScross-site scripting
0 likes · 16 min read
Comprehensive Summary of XSS (Cross‑Site Scripting) Attacks and Defenses
Full-Stack Internet Architecture
Full-Stack Internet Architecture
Oct 12, 2020 · Information Security

Comprehensive Summary of XSS (Cross‑Site Scripting) Attacks and Defenses

This article provides a comprehensive overview of Cross‑Site Scripting (XSS), explaining its definition, dangers, underlying mechanisms, classification into stored, reflected, and DOM‑based types, common injection vectors, and practical defense strategies, while also addressing common questions and resources for further learning.

Web SecurityXSScross-site scripting
0 likes · 11 min read
Comprehensive Summary of XSS (Cross‑Site Scripting) Attacks and Defenses
Tencent IMWeb Frontend Team
Tencent IMWeb Frontend Team
May 14, 2017 · Information Security

Mastering XSS: A Complete Guide to Understanding and Preventing Cross‑Site Scripting

This comprehensive tutorial explains what XSS is, describes the three main attack types, illustrates how malicious scripts are injected and executed, and provides practical strategies—including encoding, validation, and Content Security Policy—to defend web applications against cross‑site scripting vulnerabilities.

Content Security PolicyWeb SecurityXSS
0 likes · 28 min read
Mastering XSS: A Complete Guide to Understanding and Preventing Cross‑Site Scripting