Cross-Site Scripting (XSS) Vulnerabilities

XSS: The most commonly exploited vulnerability

Cross-site scripting (XSS) is one of the most common and well-known vulnerabilities contained within web applications. It consistently appears in the OWASP list of the Top Web Application Security Risks and was used in 40% of online cyberattacks against large enterprises in Europe and North America in 2019. According to HackerOne, XSS vulnerabilities are the most common vulnerability type discovered in bug bounty programs, despite the fact that most companies undervalue it because it rarely leads to large-scale data breaches.

The root cause of an XSS vulnerability is a web application using untrusted input without validating it first. If the web server embeds user input in a page's HTML before sending it to the client, malicious input can cause attacker-controlled code to execute within the user's browser.

The reason for this is that the HTML standard allows other types of code to be embedded in HTML files if they are properly tagged. This includes JavaScript code contained within <script></script> tags. If an attacker supplies input that, once embedded in the HTML file, still forms a valid web page, the browser requesting the page will run the code as though it were a legitimate part of the page.

This becomes a serious security problem because of the same-origin policy used to control access to data within web pages. Anything loaded from the same origin has access to the same set of data. An attacker's script embedded within a legitimate page that processes sensitive information (credit card numbers, etc.) therefore has access to that information too and can send a copy to the script's operator.
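As an added illustration (not code from the original post), the pattern just described: a page that concatenates untrusted input straight into HTML beside the same page with the input entity-encoded, plus a small parser-based check that reports which extra tags and event-handler attributes a browser would actually see. Function names and the sample inputs are invented for this example.

```python
import html
from html.parser import HTMLParser


def render_unsafe(user_name):
    # Vulnerable: untrusted input is embedded in both an attribute and a text node
    # without any encoding, so the browser parses whatever markup it contains.
    return f'<p title="{user_name}">Hello, {user_name}!</p>'


def render_safe(user_name):
    # Hardened: entity-encode the input (quote=True also encodes " and ') before
    # placing it in a text node or a quoted attribute value.
    safe = html.escape(user_name, quote=True)
    return f'<p title="{safe}">Hello, {safe}!</p>'


class _MarkupCollector(HTMLParser):
    """Records every start tag and attribute name the HTML parser produces."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.attrs = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.attrs.extend(name for name, _ in attrs)


def suspicious_markup(page, allowed_tags=("p",), allowed_attrs=("title",)):
    """Return findings for tags or attributes the template author never wrote.

    Anything outside the allow-lists (for example a <script> element or an
    on* event-handler attribute) came from embedded input, not the template.
    """
    collector = _MarkupCollector()
    collector.feed(page)
    findings = [f"tag:{t}" for t in collector.tags if t not in allowed_tags]
    findings += [f"attr:{a}" for a in collector.attrs if a not in allowed_attrs]
    return findings


if __name__ == "__main__":
    # Constructed sample inputs: a script element and an attribute breakout.
    for probe in ("<script>probe()</script>", '" onmouseover="probe()'):
        print("unsafe:", suspicious_markup(render_unsafe(probe)))
        print("safe:  ", suspicious_markup(render_safe(probe)))
```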

Types of XSS exploits

XSS attacks all take advantage of insecure use of untrusted user (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Howard Poston. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/TamAT4B3phk/