This Guide Was Written For HellForums in Old Days But It Is Still Valuable
Introduction
This is going to be my official XSS handbook. I've written an XSS handbook on a different alias, but
decided to leave it due to it being used in too many databases.
Please note that this is not copied, because that would trace back to my old alias.
This handbook is now updated and fixed.
What is XSS?
XSS, also known as cross-site scripting, is a web vulnerability. It's caused when user input is not sanitized correctly and is therefore executed as part of the page.
Let's say there's a search box on a website. If you search for the word "cat" and press enter you'll
probably come to a second page where it says something like "500 results for the word 'cat'".
This means that the website's HTML looks something like this.
QUOTE:
<h1>500 results for the word 'cat'.</h1>
Let's say you search for this instead: <script>alert('XSS')</script>.
Now the HTML code would look like this instead.
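The search page from the text, as an added example that is not part of the original guide: it builds the results heading for "cat" and for the script search string, first with the term inserted unchanged and then HTML-escaped, and lists which opening tags end up in the markup. The function names and the result count of 0 are assumptions made for illustration.

```javascript
// Added example: the search-results heading from the text, built two ways.
// Function names and the result counts are assumptions for illustration.

// Vulnerable: the search term is pasted into the markup unchanged.
function renderResultsUnsafe(term, count) {
  return `<h1>${count} results for the word '${term}'.</h1>`;
}

// HTML-escape the five characters that can change markup structure.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Fixed: the term is escaped for the HTML text context before insertion.
function renderResultsSafe(term, count) {
  return `<h1>${escapeHtml(count)} results for the word '${escapeHtml(term)}'.</h1>`;
}

// List the element names a browser would treat as opening tags in the output.
function openingTags(html) {
  return [...html.matchAll(/<([a-zA-Z][a-zA-Z0-9]*)\b/g)].map((m) => m[1].toLowerCase());
}

const benign = 'cat';
const probe = "<script>alert('XSS')</script>"; // the search string from the text

for (const term of [benign, probe]) {
  const count = term === benign ? 500 : 0;
  const unsafe = renderResultsUnsafe(term, count);
  const safe = renderResultsSafe(term, count);
  // In the unsafe output the search term contributes its own <script> element;
  // in the safe output it stays plain text inside the <h1>.
  console.log('unsafe:', unsafe, openingTags(unsafe));
  console.log('safe:  ', safe, openingTags(safe));
}
```

The escaping shown here is correct for text placed between tags; input placed inside attributes, URLs or script blocks needs the encoding that matches that context.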