Cross-Site Scripting (XSS): A type of security vulnerability that targets web applications, XSS enables attackers to inject malicious scripts into webpages viewed by other users. By exploiting the trust a user has for a particular site, these scripts can access any cookies, session tokens, or other sensitive information retained by the user’s browser related to that site, potentially leading to unauthorized actions. XSS can be classified into different types (e.g., stored, reflected, and DOM-based) for a more comprehensive understanding.
Categories: CC D5: Security Operations | CCSP D4: Cloud Application Security | CISM D3: Information Security Program | CISSP D8: Software Development Security | Security+ D2: Threats Vulnerabilities and Mitigations | SSCP D7: Systems and Application Security
« Back to Glossary Index