XSS Cross Site Scripting
I thought I would share this well know hacking technique with everyone because I think it is very interesting. XSS Cross Site Scripting is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Examples of such code include HTML code and client-side scripts. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy. Vulnerabilities of this kind have been exploited to craft powerful phishing attacks and browser exploits. As of 2007, cross-site scripting carried out on websites were roughly 80% of all documented security vulnerabilities. Often during an attack "everything looks fine" to the end-user who may be exposed to unauthorized access, theft of sensitive data and financial loss. This was a popular way to capture Myspace users login information by injecting this script into a blog post. If you would like more information regarding this vulnerability to protect yourself from it please contact us.
