Cross-site scripting

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. [1]

71 relations: Access control, ActiveX, Adobe Flash, Ajax (programming), Alice and Bob, AngularJS, Anonymous (group), ASCII, Browser security, Buffer overflow, Code injection, Computer security, Computer worm, Content Security Policy, Cross-site request forgery, Cross-zone scripting, Denial-of-service attack, Document Object Model, Dynamic web page, Escape character, Facebook, Firefox, Gecko (software), Google Chrome, HackerOne, HTML, HTML sanitization, HTTP cookie, HTTP header injection, HTTP response splitting, Information security, Internet Explorer, Internet security, Java (programming language), JavaScript, JavaScript library, JQuery, Metasploit Project, Microsoft, Mobile IP, Myspace, Network address translation, NoScript, Obfuscation, Opera, Orkut, OWASP, Percent-encoding, Proxy server, Safari (web browser), Same-origin policy, Samy (computer worm), Self-XSS, Server-side redirect, Session hijacking, SGML entity, SQL injection, Static analysis, Symantec, Twitter, VBScript, Vulnerability (computing), W3af, Web 2.0, Web application, Web application security, Web application security scanner, Web browser, Web Messaging, Web page, YouTube.

Access control

In the fields of physical security and information security, access control (AC) is the selective restriction of access to a place or other resource.

ActiveX

ActiveX is a software framework created by Microsoft that adapts its earlier Component Object Model (COM) and Object Linking and Embedding (OLE) technologies for content downloaded from a network, particularly from the World Wide Web.

Adobe Flash

Adobe Flash is a deprecated multimedia software platform used for production of animations, rich Internet applications, desktop applications, mobile applications, mobile games and embedded web browser video players.

Ajax (programming)

Ajax (also AJAX; short for "Asynchronous JavaScript And XML") is a set of Web development techniques using many Web technologies on the client side to create asynchronous Web applications.

Alice and Bob

Alice and Bob are fictional characters commonly used as placeholder names in cryptology, as well as science and engineering literature.

AngularJS

AngularJS (commonly referred to as "Angular.js" or "AngularJS") is a JavaScript-based open-source front-end web application framework mainly maintained by Google and by a community of individuals and corporations to address many of the challenges encountered in developing single-page applications.

Anonymous (group)

Anonymous is a decentralized international hacktivist group that is widely known for its various DDoS cyber attacks against several governments, government institutions and agencies, corporations, and the Church of Scientology.

ASCII

ASCII, abbreviated from American Standard Code for Information Interchange, is a character encoding standard for electronic communication.

Browser security

Browser security is the application of Internet security to web browsers in order to protect networked data and computer systems from breaches of privacy or malware.

Buffer overflow

In information security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations.

Code injection

Code injection is the exploitation of a computer bug that is caused by processing invalid data.

Computer security

Cybersecurity, computer security or IT security is the protection of computer systems from theft of or damage to their hardware, software or electronic data, as well as from disruption or misdirection of the services they provide.

Computer worm

A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers.

Content Security Policy

Content Security Policy (CSP) is a computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context.

Cross-site request forgery

Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF, is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts.

Cross-zone scripting

Cross-zone scripting is a browser exploit taking advantage of a vulnerability within a zone-based security solution.

Denial-of-service attack

In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.

Document Object Model

The Document Object Model (DOM) is a cross-platform and language-independent application programming interface that treats an HTML, XHTML, or XML document as a tree structure wherein each node is an object representing a part of the document.

Dynamic web page

A server-side dynamic web page is a web page whose construction is controlled by an application server processing server-side scripts.

Escape character

In computing and telecommunication, an escape character is a character which invokes an alternative interpretation on subsequent characters in a character sequence.

Facebook

Facebook is an American online social media and social networking service company based in Menlo Park, California.

Firefox

Mozilla Firefox (or simply Firefox) is a free and open-source web browser developed by Mozilla Foundation and its subsidiary, Mozilla Corporation.

Gecko (software)

Gecko is a browser engine developed by Mozilla.

Google Chrome

Google Chrome is a freeware web browser developed by Google LLC.

HackerOne

HackerOne is a vulnerability coordination and bug bounty platform that connects businesses with cybersecurity researchers.

HTML

Hypertext Markup Language (HTML) is the standard markup language for creating web pages and web applications.

HTML sanitization

HTML sanitization is the process of examining an HTML document and producing a new HTML document that preserves only whatever tags are designated "safe" and desired.

HTTP cookie

An HTTP cookie (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing.

HTTP header injection

HTTP header injection is a general class of web application security vulnerability which occurs when Hypertext Transfer Protocol (HTTP) headers are dynamically generated based on user input.

HTTP response splitting

HTTP response splitting is a form of web application vulnerability, resulting from the failure of the application or its environment to properly sanitize input values.

Information security

Information security, sometimes shortened to InfoSec, is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information.

Internet Explorer

Internet Explorer (formerly Microsoft Internet Explorer and Windows Internet Explorer, commonly abbreviated IE or MSIE) is a series of graphical web browsers developed by Microsoft and included in the Microsoft Windows line of operating systems, starting in 1995.

Internet security

Internet security is a branch of computer security specifically related to the Internet, often involving browser security but also network security on a more general level, as it applies to other applications or operating systems as a whole.

Java (programming language)

Java is a general-purpose computer-programming language that is concurrent, class-based, object-oriented, and specifically designed to have as few implementation dependencies as possible.

JavaScript

JavaScript, often abbreviated as JS, is a high-level, interpreted programming language.

JavaScript library

A JavaScript library is a library of pre-written JavaScript which allows for easier development of JavaScript-based applications, especially for AJAX and other web-centric technologies.

JQuery

jQuery is a cross-platform JavaScript library designed to simplify the client-side scripting of HTML.

Metasploit Project

The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

Microsoft

Microsoft Corporation (abbreviated as MS) is an American multinational technology company with headquarters in Redmond, Washington.

Mobile IP

Mobile IP (or MIP) is an Internet Engineering Task Force (IETF) standard communications protocol that is designed to allow mobile device users to move from one network to another while maintaining a permanent IP address.

Myspace

Myspace (stylized as MySpace) is a social networking website offering an interactive, user-submitted network of friends, personal profiles, blogs, groups, photos, music, and videos.

Network address translation

Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.

NoScript

NoScript (or NoScript Security Suite) is a free software extension for Mozilla Firefox, SeaMonkey, and other Mozilla-based web browsers, created and actively maintained by Giorgio Maone, an Italian software developer and member of the Mozilla Security Group.

Obfuscation

Obfuscation is the obscuring of the intended meaning of communication by making the message difficult to understand, usually with confusing and ambiguous language.

Opera

Opera (English plural: operas; Italian plural: opere) is a form of theatre in which music has a leading role and the parts are taken by singers.

Orkut

Orkut was a social networking website owned and operated by Google.

OWASP

The Open Web Application Security Project (OWASP), an online community, produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.

Percent-encoding

Percent-encoding, also known as URL encoding, is a mechanism for encoding information in a Uniform Resource Identifier (URI) under certain circumstances.

Proxy server

In computer networks, a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers.

Safari (web browser)

Safari is a web browser developed by Apple based on the WebKit engine.

Same-origin policy

In computing, the same-origin policy is an important concept in the web application security model.

Samy (computer worm)

Samy (also known as JS.Spacehero) is an XSS worm, written by Samy Kamkar, that was designed to propagate across the MySpace social-networking site.

Self-XSS

Self-XSS is a social engineering attack used to gain control of victims' web accounts.

Server-side redirect

A server-side redirect is a method of URL redirection using an HTTP status code (e.g., 301 Moved Permanently, 303 See Other and 307 Temporary Redirect) issued by a web server in response to a request for a particular URL.

Session hijacking

In computer science, session hijacking, sometimes also known as cookie hijacking, is the exploitation of a valid computer session (sometimes also called a session key) to gain unauthorized access to information or services in a computer system.

SGML entity

In the Standard Generalized Markup Language (SGML), an entity is a primitive data type, which associates a string with either a unique alias (such as a user-specified name) or an SGML reserved word (such as #DEFAULT).

SQL injection

SQL injection is a code injection technique, used to attack data-driven applications, in which nefarious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

Static analysis

Static analysis, static projection, or static scoring is a simplified analysis wherein the effect of an immediate change to a system is calculated without regard to the longer-term response of the system to that change.

Symantec

Symantec Corporation (commonly known as Symantec) is an American software company headquartered in Mountain View, California, United States.

Twitter

Twitter is an online news and social networking service on which users post and interact with messages known as "tweets".

VBScript

VBScript ("Microsoft Visual Basic Scripting Edition") is an Active Scripting language developed by Microsoft that is modeled on Visual Basic.

Vulnerability (computing)

In computer security, a vulnerability is a weakness which can be exploited by a threat actor, such as an attacker, to perform unauthorized actions within a computer system.

W3af

w3af (web application attack and audit framework) is an open-source web application security scanner.

Web 2.0

Web 2.0 refers to World Wide Web websites that emphasize user-generated content, usability (ease of use, even by non-experts), and interoperability (this means that a website can work well with other products, systems, and devices) for end users.

Web application

In computing, a web application or web app is a client–server computer program which the client (including the user interface and client-side logic) runs in a web browser.

Web application security

Web application security is a branch of information security that deals specifically with the security of websites, web applications and web services.

Web application security scanner

A web application security scanner is a program which communicates with a web application through the web front-end in order to identify potential security vulnerabilities in the web application and architectural weaknesses.

Web browser

A web browser (commonly referred to as a browser) is a software application for accessing information on the World Wide Web.

Web Messaging

Web Messaging, or cross-document messaging, is an API introduced in the WHATWG HTML5 draft specification, allowing documents to communicate with one another across different origins, or source domains, while rendered in a web browser.

Web page

A web page (also written as webpage) is a document that is suitable for the World Wide Web and web browsers.

YouTube

YouTube is an American video-sharing website headquartered in San Bruno, California.

Redirects here:

CSS attack, Cross Site Scripting, Cross site scripting, Cross-Site Scripting, Cross-site Scripting, Cross-site scripting attack, UXSS, UXSS attack, Universal XSS, Universal cross-site scripting, X-site scripting, XSS, XSS attack, XXS, Xss.

References

[1] https://en.wikipedia.org/wiki/Cross-site_scripting
