What Is Cross-Site Scripting (XSS) and How Does It Work?
What are XSS Attack Types?
There are 3 types of XSS attacks:
- Reflected XSS: It comes directly from the HTTP request.
- Stored XSS: It comes from the database; also referred to as persistent (permanent) XSS.
- DOM-based XSS: It is a type of XSS that arises within HTML objects as a result of insufficient control of those objects.
What is Reflected Cross-Site Scripting?
Reflected XSS occurs when an application receives data in an HTTP request and insecurely incorporates that data into the immediate response.
As an example in the form of a link: endpoint.php receives data in a "variable" parameter. If this data (DATA) is included directly in the content, a reflected XSS weakness occurs.
After JS code sent in the form comes back from the remote server, it is interpreted by the browser's HTML engine and our cookie value is printed on the screen.
What is Stored XSS?
As in the example above, when there is no control on the inputs written to the database, malicious code will later be read from the database as it is, and will be interpreted and run by the browser engine.
After the JS code written in the picture above is interpreted, an alert reading "xss" appears on the screen.
What is DOM-based XSS?
Solution Suggestions Against XSS Vulnerability
All input from the user should be considered insecure. Accordingly:
- The accuracy of the input should be verified,
- The input should be sanitized,
- The input must go through an encoding process.
Every encoding process should be chosen according to the content into which the data is placed.
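The sketch below is an added example, not code from the original article. It shows an allow-list check plus a different encoder for each place an untrusted value can land (HTML text, a URL inside an attribute, a JavaScript string). The function names, the allow-list pattern and the sample input are assumptions; endpoint.php and "variable" are taken from the text above.

```javascript
// Added example: names, the allow-list pattern and the sample input are assumptions.

// Validation: accept only the shape the parameter is expected to have (allow-list).
function isValidVariable(value) {
  return typeof value === 'string' && /^[A-Za-z0-9 _-]{1,64}$/.test(value);
}

// HTML text / quoted-attribute context: neutralise tag and attribute delimiters.
function encodeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// JavaScript string-literal context: every non-alphanumeric code unit becomes \uXXXX,
// so the value cannot close the string or the surrounding script element.
function encodeJsString(value) {
  return String(value).replace(/[^A-Za-z0-9]/g, (ch) =>
    '\\u' + ch.charCodeAt(0).toString(16).padStart(4, '0'));
}

// URL query-value context, then HTML-encoded because the URL sits inside an attribute.
function encodeUrlParamInAttribute(value) {
  return encodeHtml(encodeURIComponent(String(value)));
}

// The same untrusted value placed into three contexts, each with its own encoder.
function renderResponse(variable) {
  return [
    '<p>Result for: ' + encodeHtml(variable) + '</p>',
    '<a href="/endpoint.php?variable=' + encodeUrlParamInAttribute(variable) + '">permalink</a>',
    '<script>var v = "' + encodeJsString(variable) + '";</script>',
  ].join('\n');
}

// Constructed sample input, matching the alert("xss") case described in the article.
const sample = '<script>alert("xss")</script>';
console.log('passes validation:', isValidVariable(sample));
console.log(renderResponse(sample));
```

In practice the validation result would decide whether the request is rejected outright; the encoders still run on every value that reaches the output.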
XSS, which produces critical or high-level findings in penetration testing studies, is a vulnerability that requires quick action and significantly reduces system security.