Now days web application consist of on complex web application to deliver different output or content. And web site used the complex data for wide variety of users according to set preferences and specific needs. Web application with the ability to provide useful information to their customers. Web applications are available 24 hour for users. Now day’s web application apically dynamic websites suffer from serious hacker attacks and organization helpless and prone to cross site scripting attacks on their data.
Cross scripting is one of the most common hacker strategy and they attacks on web application through cross scripting. Cross scripting embedded in page and it run on client side rather than on user side. Cross scripting itself is a threat which is bought about by the internet security weaknesses of client side scripting language.
For example cross scripting is when a malicious user injects a script in a shopping site URL which in turn redirects to a user to a fake but identical page. When malicious code added to user side when script it run then it capture the cookies of the user browsing the shopping site and then cookies sent to hacker. Cross site scripting has still exploited a scripting weakness in the page to snare to the malicious user now hack the legitimate user’s session. Malicious URL trick is often used. URLs are less obvious is to have the XSS part of the URL encoded in HEX. This will look harmless to the user who recognizes the URL he is familiar with and simply disregard and follow the trick code which would be encoded and therefore inconspicuous.
ISO 27001 UK is internationally recognized information security standard as a way of demonstrating their security credential to their clients. ISO certification is good news for any size of business in any sector. ISO standard is help full in web application security.
What is the Cross site scripting?