D
D
dimasibirak2017-08-02 08:09:39
Burglary protection
dimasibirak, 2017-08-02 08:09:39

What is the danger of XSS?

Good afternoon, dear forum users, here I wondered what is the danger of XSS on the site?
Let's say there is a vulnerability in the login form of the following type "><script>alert("ok");</script>
. It's impossible to exploit it, I understand if you create infected pages, or when xss is present in the guestbook, comments, etc.

Answer the question

In order to leave comments, you need to log in

1 answer(s)
A
Alexey Ukolov, 2017-08-02
@dimasibirak

A vulnerability in the login form means that you can add an arbitrary script to the login field (for example, stealing cookies). And it does not work in this form, but wherever this login is displayed on the page (in the guest book, comments, and so on). And it works not only for you, but for everyone who sees this login.
This, in fact, is the danger of XSS: you get the opportunity to execute an arbitrary script on behalf of a user on an infected site.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question