Professional Documents
Culture Documents
Information Security: Muhammad Aon Balouch
Information Security: Muhammad Aon Balouch
Information Security: Muhammad Aon Balouch
Name:
Muhammad Aon Balouch
Class:
BS IT 4th
Roll. No:
LDBTT-19-36 (morning)
1. Cross-Site Scripting (XSS) Attacks:
Cross-site scripting, commonly referred to as XSS, occurs when
hackers execute malicious JavaScript within a victim’s browser.
While JavaScript is client side and does not run on the server, it
can be used to interact with the server by performing background
requests. Attackers can use these background requests to add
unwanted spam content to a web page without refreshing it,
gather analytics about the client’s browser, or perform actions
asynchronously.
How Do Cross-Site Scripting
Attacks Work?
When attackers inject their own code into a web page, typically
accomplished by exploiting a vulnerability on the website’s
software, they can then inject their own script, which is executed
by the victim’s browser.