
Cross Site Scripting - XSS Attacks

XSS attacks have become one of the most prevalent and dangerous security issues affecting web applications today. According to the Microsoft Security Intelligence Report Volume 13, there has been a significant increase in reported XSS cases over the past two years, to the point where XSS vulnerabilities have started to displace other types of reported vulnerabilities by percentage. An analysis of the vulnerabilities reported in the first half of 2012 revealed that 37% of all verified vulnerabilities involved XSS techniques that the Internet Explorer XSS Filter can mitigate.

XSS vulnerabilities occur whenever an application takes data that originated from a user and sends it to a web browser without first properly validating or encoding it. XSS attacks can be used to hijack user sessions, deface websites, conduct port scans on victims’ internal networks, conduct phishing attacks and/or take over users’ web browsers.


http://blogs.technet.com/b/security/archive/2012/11/29/microsoft-s-free-security-tools-a-deeper-look-at-xss-attacks-and-microsoft-s-free-anti-cross-site-scripting-library.aspx?Redirected=true
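
The validate-or-encode rule described above, as an added example (not code from the original article or from Microsoft's Anti-XSS library). All function names and the sample input are constructed for illustration; it also shows why a link target needs validation on top of encoding.

```javascript
// Added example (constructed): validate or encode user data before it reaches a browser.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can change meaning in HTML text and quoted attributes.
function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: user data is concatenated into markup as-is,
// so any tags it contains are parsed by the browser as part of the page.
function renderGreetingUnsafe(name) {
  return '<p>Hello, ' + name + '</p>';
}

// Corrected pattern: the same data is encoded for the HTML context first,
// so the browser displays it as text.
function renderGreetingSafe(name) {
  return '<p>Hello, ' + encodeHtml(name) + '</p>';
}

// Validation step: encoding alone does not neutralise a javascript: URL in an
// href, so only absolute http(s) URLs are allowed; anything else becomes '#'.
function safeHref(url) {
  let parsed;
  try {
    parsed = new URL(url);
  } catch (err) {
    return '#'; // not a parseable absolute URL
  }
  return ['http:', 'https:'].includes(parsed.protocol) ? parsed.href : '#';
}

// Validate the URL, then encode both values for the contexts they land in.
function renderProfileLink(url, label) {
  return '<a href="' + encodeHtml(safeHref(url)) + '">' + encodeHtml(label) + '</a>';
}

// Constructed sample input standing in for a user-supplied form field.
const SAMPLE_INPUT = '<script>alert(1)</script>';
console.log(renderGreetingUnsafe(SAMPLE_INPUT)); // markup reaches the page intact
console.log(renderGreetingSafe(SAMPLE_INPUT));   // markup is rendered as inert text
console.log(renderProfileLink('javascript:alert(1)', 'my site')); // href falls back to '#'
```
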


Take control over a Remote System via XSS

If you want to know how to defend, sometimes the best place to start is to know your enemy. At AusCERT 2013, WatchGuard director of security strategy Corey Nachreiner walked information security professionals through a couple of common tools and techniques that many hackers use on a very basic level.

Nachreiner walks through Rapid7's Metasploit tool, showing how even "script kiddies" can easily use it thanks to its relatively user-friendly graphical user interface.

https://www.owasp.org/index.php/Top_10_2013-A3-Cross-Site_Scripting_%28XSS%29


Cross site scripting and SQL injection

Comments: 1 (Discussion closed)
  • #1

    Wilber Ruhland (Tuesday, 31 January 2017 08:51)


    Heya I'm for the first time here. I found this board and I find it really useful & it helped me out much. I hope to give something back and aid others like you aided me.