Cross site scripting tutorial

Image via Wikipedia

Cross Site Scripting (XSS) is a code injection vulnerability found in web applications and is generally used by malicious hackers to hijack a legitimate user's session with the website. XSS vulnerabilities are caused because of improper validation of user input by the Server and then sending this invalidated input back to the user in some exploitable form.

Related articles

• Persistent XSS on Twitter.com (praetorianprefect.com)
• XSS Vulnerabilities Gushing on BP website (imperva.com)
• Google tutorial lets developers play malicious hacker (go.theregister.com)
• Microsoft Internet Explorer's XSS Filter Can Be Abused to Execute Cross-site Scripting Attacks (techie-buzz.com)
• Google acts to fix YouTube flaw (news.bbc.co.uk)