You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Cross-Site Scripting (XSS) is a type of injection attack where malicious JavaScript is injected into a website. When a user visits the affected web page, the Javascript executes within that user’s browser in the context of the domain. This instance of XSS can be found on the domain which allows an attacker to control code that is executed within a user’s Internet Explorer browser.
From here, an attacker could carry out any actions that the user is able to perform, including accessing any of the user's data and modifying information within the user’s permissions.
Cross-Site Scripting (XSS) is a type of injection attack where malicious JavaScript is injected into a website. When a user visits the affected web page, the Javascript executes within that user’s browser in the context of the domain. This instance of XSS can be found on the domain which allows an attacker to control code that is executed within a user’s Internet Explorer browser. From here, an attacker could carry out any actions that the user is able to perform, including accessing any of the user's data and modifying information within the user’s permissions.
## Business Impact
Expand All
@@ -25,6 +23,6 @@ XSS could result in reputational damage for the business through the impact to c
## Proof of Concept (PoC)
Below is a screenshot demonstrating the injected JavaScript executing:
The following screenshot(s) demonstrate(s) this vulnerability:
