Cross Site Scripting is the consequence of a vulnerability in websites or Client Software. It allows an attacker to inject his own malicious code.

It is used either to trick the user to believe that the injected code is part of the website or to run scripts which are not distributed by the website itself.

Do you know the difference between a DOM-based, a Not Persistent and a Persistent attack? (more…)