Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the
application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a
request which, if issued by another application user, will cause JavaScript code supplied by the attacker
to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session
token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker
can send a victim a link containing a malicious URL in an email or instant message. They can submit the
link to popular web sites that allow content authoring, for example in blog comments. And they can create
an innocuous-looking web site which causes anyone viewing it to make arbitrary cross-domain requests
to the vulnerable application (using either the GET or the POST method).
Submitted by : Samad Khan (Con5tanTine)
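
The unsafe echo described above, next to a corrected version that encodes the value for its HTML context. This is an added example, not part of the original submission; the search page, the "q" parameter, the function names and the probe string are all constructed for illustration.

```javascript
// Added example: a search page that echoes the "q" request parameter.
// Function names and the sample request are constructed for illustration.

// Unsafe: request data is copied into the HTML response verbatim.
function renderUnsafe(queryString) {
  const q = new URLSearchParams(queryString).get("q") ?? "";
  return `<p>Results for: ${q}</p>`;
}

// Escape the characters that are significant in HTML text and quoted
// attribute values, so request data cannot open a tag or close an attribute.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Safe: same page, but the value is encoded for the context it lands in
// (element text and a double-quoted attribute value).
function renderSafe(queryString) {
  const q = new URLSearchParams(queryString).get("q") ?? "";
  return `<p>Results for: ${escapeHtml(q)}</p>` +
         `<input name="q" value="${escapeHtml(q)}">`;
}

// Defender-side check: does the response reflect a probe value unencoded?
function reflectsUnencoded(render, probe) {
  const body = render("q=" + encodeURIComponent(probe));
  return body.includes(probe);
}

// Constructed probe containing markup-significant characters.
const PROBE = `"><script>alert(1)</script>`;
console.log("unsafe reflects probe:", reflectsUnencoded(renderUnsafe, PROBE));
console.log("safe reflects probe:  ", reflectsUnencoded(renderSafe, PROBE));
console.log(renderSafe("q=" + encodeURIComponent(PROBE)));
```

The escaping shown covers HTML text and quoted attribute values only; a value reflected into a script block, a URL or an unquoted attribute needs the encoding for that context instead.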