70-486 · Certification Test · Computer programming

XSS – Cross Site scripting

Reflect XSS In the querry string simply add something like msg=<script>alert(‘XSS’)<script> Persistent XSS A script that has been injected into the database.  An example would be to  add the script to a comment field.  Thus everytime the list of comments is display the scirpt is run.  OR it could be embedded in an image file.… Continue reading XSS – Cross Site scripting