Secure 0118 359 2220 Get Started

Press ESC to close or Enter to search

Popular Pages
Managed IT Cyber Security Case Studies Pricing Contact
Home
About Us
Services
Managed IT Services Cyber Security & Compliance Microsoft 365 Cloud & Hosting Backup & Disaster Recovery Connectivity & Telephony Incident Response & 24/7 IT Support Reading
Pricing
Tools
Domain Health Check About You Password Generator
Resources
Case Studies Threat Intelligence Blog & Insights Guides FAQs Customer Portal Remote Support
Contact
Get Started
Live Security Feed
Your IPDetecting...
NCSCUK organisations urged to strengthen cyber defences ALERTPhishing attacks targeting Microsoft 365 users on the rise CISACritical vulnerabilities identified in popular software NEWSRansomware groups increasingly targeting SME businesses NCSCNew guidance released for securing remote workers ALERTBusiness email compromise attacks cost UK firms millions CISAZero-day exploits require immediate patching attention NEWSAI-powered threats becoming more sophisticated in 2025 NCSCUK organisations urged to strengthen cyber defences ALERTPhishing attacks targeting Microsoft 365 users on the rise CISACritical vulnerabilities identified in popular software NEWSRansomware groups increasingly targeting SME businesses NCSCNew guidance released for securing remote workers ALERTBusiness email compromise attacks cost UK firms millions CISAZero-day exploits require immediate patching attention NEWSAI-powered threats becoming more sophisticated in 2025
View Dashboard

Cross-Site Scripting

Attacks

Attack that injects malicious scripts into trusted websites to execute in victims' browsers.

Cross-Site Scripting (XSS) injects malicious scripts into web pages viewed by other users. When victims load the compromised page, the script executes in their browser with access to cookies, session tokens, and page content. XSS can steal credentials, hijack sessions, redirect users to malicious sites, or modify page content. There are three types: Stored XSS (script saved on server), Reflected XSS (script in URL parameters), and DOM-based XSS (client-side manipulation). XSS consistently ranks in the OWASP Top 10 vulnerabilities.

Why It Matters

The DSC Perspective:

XSS enables attackers to act as legitimate users, stealing sessions and credentials. Web applications need proper input validation and output encoding. Content Security Policy (CSP) headers provide additional XSS protection.

Related Terms

XSS