
What is an XSS Attack?
A Cross-Site Scripting (XSS) attack exploits a web application that includes untrusted input in a page without properly encoding or sanitizing it for the context in which it is rendered. Because the browser cannot tell the injected markup from the site's own, it runs attacker-supplied script in the origin of the vulnerable site, with the victim's session and privileges. Impacts include theft of user data, session hijacking, performing actions on the victim's behalf, defacement of the site, and more.

Types of XSS attack
- Stored XSS (Persistent XSS): Malicious scripts are permanently stored on the target server, often in a database. When other users visit the page where the script is stored, it’s executed in their browsers.
- Reflected XSS: Malicious script is placed in a URL parameter, form field or other request input that the server echoes back unencoded in its response. The script runs in the victim's browser when they open the crafted link (for example from a phishing e-mail), so it is not persisted on the server.
- DOM-based XSS: The vulnerability is in client-side JavaScript rather than in the server's response. Script already running on the page reads attacker-controlled data from a source such as `location.hash`, `location.search` or `document.referrer` and writes it into a dangerous sink such as `innerHTML`, `document.write()` or `eval()`. Because URL fragments are never sent to the server, the payload may not appear in any server log or response at all.
How to Prevent It?
- Input Validation and Sanitization: Validate user inputs against the format you actually expect (length, character set, type) and reject what does not fit. Validation must happen on the server; client-side validation is a usability aid that an attacker bypasses trivially. Validation alone does not stop XSS, because many legitimate fields (names, comments, search terms) must accept characters such as `<` and `"`; treat it as defence in depth alongside output encoding.
- Output Encoding: Encode user-generated content before displaying it in the browser. This prevents the browser from interpreting it as executable script.
- Content Security Policy (CSP): Send a CSP header that restricts where scripts may be loaded from. A strict policy (per-response nonces or hashes for your own scripts, no `'unsafe-inline'`, `object-src 'none'`) stops an injected inline `<script>` from executing even when an encoding mistake lets it into the page. A permissive policy that allows inline script offers little protection.
- Use Trusted Libraries: Use well-maintained frameworks and template engines that escape output by default (and audit every place where that escaping is deliberately switched off).
- Escape Special Characters: Encoding is context-specific. Data placed in an HTML body, an attribute value, a JavaScript string literal or a URL each needs a different encoder; applying HTML entity encoding inside a `<script>` block, for example, does not prevent a `</script>` breakout.
- HttpOnly and Secure Cookies: The HttpOnly flag keeps a cookie out of `document.cookie`, so injected script cannot read it, and the Secure flag prevents it being sent over plaintext HTTP. These limit what a successful XSS can steal; they do not prevent the XSS itself, since injected script can still issue requests that carry the cookie automatically.
- Regular Security Audits: Conduct regular security audits and penetration testing to identify vulnerabilities in your web application.