Secondary Categories: 02-Web Application


Description:

  • Reflected XSS
    • A reflected XSS attack can arise when an application receives data in an HTTP request and includes the same data in the response in an unsafe way.
      • Example: A website has a search function that receives the user-supplied search term in a URL parameter. The application then echoes that same search term back in the response page.
      • Testing: Since a reflected XSS attack isn't as severe as a stored XSS, this attack is usually directed at a single user or a specific set of victims. The attacker may supply the victim with a URL of the site that has a reflected XSS vulnerability, to get the victim to click the link and echo the script or code onto their webpage. The impact of XSS attacks is that the attacker can modify, view, or sometimes delete anything the victim may also have access to. This allows the attacker to control the user's session.
      • Links:
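
The search example above as added code (not part of the original notes): a handler that echoes the term unchanged, the same handler with HTML encoding, and a reflection check that can be used when testing. The host `shop.example`, the parameter name `q` and all function names are assumptions made for illustration.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Constructed sample request: the "q" parameter carries markup instead of a
# plain search term (host and parameter name are hypothetical).
SAMPLE_URL = "https://shop.example/search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E"

PAGE = "<html><body><h1>Results for: {term}</h1></body></html>"


def search_term(url: str) -> str:
    """Extract the user-supplied search term from the URL query string."""
    values = parse_qs(urlsplit(url).query).get("q", [""])
    return values[0]


def render_unsafe(url: str) -> str:
    """Vulnerable: the term is copied into the HTML response unchanged."""
    return PAGE.format(term=search_term(url))


def render_safe(url: str) -> str:
    """Hardened: HTML-encode the term so the browser renders it as text."""
    return PAGE.format(term=html.escape(search_term(url), quote=True))


def is_reflected_unencoded(url: str, render) -> bool:
    """Testing check: does a term containing HTML metacharacters come back
    in the response body exactly as it was sent?"""
    term = search_term(url)
    return any(c in term for c in "<>\"'") and term in render(url)


if __name__ == "__main__":
    print(render_unsafe(SAMPLE_URL))
    print(render_safe(SAMPLE_URL))
    print(is_reflected_unencoded(SAMPLE_URL, render_unsafe))
    print(is_reflected_unencoded(SAMPLE_URL, render_safe))
```

`html.escape` covers the HTML body context shown here; a value placed inside an attribute, a URL or a script block needs the encoding for that context instead.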

Resources:

Title | URL
placeholder

Also Check Out:

  • PLACEHOLDER