Cross-site Scripting (XSS)

A web-browser may unknowingly run malicious client-side scripts (like JavaScript) that may be have been placed within the content from a trusted site.

Injection focused on: PHP Ruby on Rails
Answers (instructor access only): PHP

For details on these vulnerabilities and more, visit The Open Web Application Security Project (OWASP).

Copyright © Towson University