Cross Site Scripting 2.3 Flashcards

1
Q

Cross-Site Scripting (XSS)

A
  • Most common web app vulnerabilities.
  • Takes advantage of the user’s trust in a web site.
  • Attackers can include a script in their input and have it rendered as part of the web process.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Non-Persistent XSS Attack

A
  • 3rd party site configured to enable someone to run a script
  • The injected script is not persisted or stored but rather is immediately executed.
  • Passed back via the web server.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Persistent Stored XSS Attack

A
  • Script is permanently stored on the web server or some back-end storage.
  • Allows the script to be used against others who log in to the system.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Protection Against XSS Attack

A
  • Be careful when clicking untrusted links.
  • Consider disabling Javascript.
  • Keep your browser and applications updated.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly