Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
dimasibirak2017-08-02 08:09:39
Burglary protection
dimasibirak, 2017-08-02 08:09:39

What is the danger of XSS?

Good afternoon, dear forum users, here I wondered what is the danger of XSS on the site?
Let's say there is a vulnerability in the login form of the following type "><script>alert("ok");</script>
. It's impossible to exploit it, I understand if you create infected pages, or when xss is present in the guestbook, comments, etc.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Alexey Ukolov, 2017-08-02
@dimasibirak

A vulnerability in the login form means that you can add an arbitrary script to the login field (for example, stealing cookies). And it does not work in this form, but wherever this login is displayed on the page (in the guest book, comments, and so on). And it works not only for you, but for everyone who sees this login.
This, in fact, is the danger of XSS: you get the opportunity to execute an arbitrary script on behalf of a user on an infected site.

Similar questions
N
Neron2018-05-30 16:10:18
Is it possible to restrict WP account login without removing the ability to comment on a blog? 1Reply
B
Bauyrzhan (Baur) Sovetkali2018-05-31 11:49:01
What skills do you need to test website/application security? 1Reply
A
AleVerDes2016-01-22 16:21:55
How to intercept a call to a DLL from a program? 3Reply
A
Alek Ivanov2018-06-11 22:11:50
What data does iphone send to the server? 1Reply
N
nameqaw2020-07-10 07:21:05
Are Windows images from philka safe? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question