401 Reading 36 - marsecguy/reading-notes-cyberops GitHub Wiki
Cross-Site Scripting (XSS)
Explain how a cross-site scripting attack works in non-technical terms.
- Cross-site scripting (or XSS) is a method of using vulnerabilities in web applications to attack a user. Basically, a computer that interacts with the World Wide Web must exchange information with it. By sneaking malicious code into those "trusted" communications, an attacker can bypass weak security measures.
What are the three types of XSS attacks?
- Reflected
- Stored
- DOM-based
If an attacker successfully exploits an XSS vulnerability, what malicious actions would they be able to perform?
- They may be able to:
  - Impersonate or masquerade as the victim user.
  - Carry out any action that the user is able to perform.
  - Read any data that the user is able to access.
  - Capture the user's login credentials.
  - Perform virtual defacement of the web site.
  - Inject trojan functionality into the web site.
What are some security controls that can be implemented to prevent XSS attacks?
- Filter input on arrival.
- Encode data on output.
- Use appropriate response headers.
- Use content security policy.
Source: PortSwigger
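
The four controls listed above, applied together to one response. This is an added example, not code from the reading or from PortSwigger; the search endpoint, the function names, the 100-character limit and the specific policy string are assumptions chosen for illustration.

```javascript
// Added example: the four controls applied to a hypothetical search endpoint.
// Function names and the 100-character limit are assumptions for illustration.

// Control 1: filter input on arrival. Accept only what a search term needs.
function filterQuery(raw) {
  if (typeof raw !== "string") return null;
  const q = raw.trim();
  // Reject empty, over-long, or control-character input outright.
  if (q.length === 0 || q.length > 100 || /[\u0000-\u001f\u007f]/.test(q)) return null;
  return q;
}

// Control 2: encode data on output, here for an HTML text/attribute context.
const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Controls 3 and 4: response headers and a content security policy.
function securityHeaders(contentType) {
  return {
    "Content-Type": contentType,          // tell the browser exactly what this is
    "X-Content-Type-Options": "nosniff",  // and forbid it from guessing otherwise
    "Content-Security-Policy":
      "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'",
  };
}

function renderSearchPage(rawQuery) {
  const q = filterQuery(rawQuery);
  if (q === null) {
    // Non-HTML response: plain text type so it is never rendered as markup.
    return { status: 400, headers: securityHeaders("text/plain; charset=utf-8"), body: "Invalid search term" };
  }
  const body = `<!doctype html><title>Search</title><p>Results for: ${escapeHtml(q)}</p>`;
  return { status: 200, headers: securityHeaders("text/html; charset=utf-8"), body };
}

// Constructed sample input: markup in the query is displayed as text, not executed.
const demo = renderSearchPage("<script>alert(1)</script>");
console.log(demo.status, demo.body);
```

The input filter passes the sample query because angle brackets are legitimate in a search term; it is the output encoding that stops it from being interpreted as markup, which is why the controls are layered rather than used alone.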