Why can the failure to validate how user input is handled result in a cross-site scripting attack?
What will be an ideal response?
A cross-site scripting attack is a type of injection attack in which maliciously formed scripts are injected into otherwise trusted Web sites. The cross-site scripting (XSS) attack occurs when the attacker leverages a poorly configured or designed Web-based application so that it executes a browser-side script within the browser of the Web site visitor. Server-side applications (including variants of widely used Web servers) can enable these attacks to succeed. Any Web application that uses user-generated input directly as an output without validating or encoding it may be susceptible.
You might also like to view...
What is the name of a Web site that serves as a gateway to the Internet?
A. Gateway site B. Favorite link C. Portal site D. History link
The arithmetic operators with the same precedence as multiplication are ____________ and ______________ .
Fill in the blank(s) with the appropriate word(s).