This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Cross-site scripting
Cross-site scripting

Version management

Difference between version and

At line 1 added 19 lines
!!! Overview[1]
[{$pagename}] ([XSS]) is a type of computer security [Exploit] typically found in [HTTP].
[{$pagename}] enables [attackers] to inject client-side scripts into web pages viewed by other users.
[{$pagename}] [vulnerability] may be used by [attackers] to bypass [access Controls] such as the same-origin policy.
[{$pagename}] carried out on websites __accounted for roughly 84%__ of all security vulnerabilities documented by Symantec as of [2007|Year 2007].
The effect may range from a petty nuisance to a significant security [risk], depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site's owner.
[Content-Security-Policy] [HTTP Response Header] allows web site administrators to control resources the [User-agent] is allowed to load for a given page. With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against [{$pagename}] [Attacks].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Cross-site_scripting|Wikipedia:Cross-site_scripting|target='_blank'] - based on information obtained 2016-08-08-
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop