What is Cross-Site Scripting (XSS)
Cross-site scripting (XSS) is an attack in which malicious script is injected into an otherwise trusted website or client-side program through a vulnerability in that application or site, so that the script runs in the browsers of the site's users. The difference between SQL injection and XSS is that XSS targets the user, not the application itself. The effect on an online business and its customers can be devastating.
As a result of such an attack, the victim's machine can be infected with trojan programs, the user's credentials may be compromised, website pages may be altered, and data leaks may occur.
Some Types of Cross-Site Scripting
XSS attacks are divided into two most common types, stored and reflected, plus a third type that is based on the DOM (Document Object Model).
Stored XSS
In this type of attack the injected code is stored permanently on the target server: in message forums, databases, comment fields, visitor logs, etc. The user then receives the malicious script from the server when requesting the stored information. This type is also called Type-I or Persistent XSS.
Reflected XSS
Here, attackers deliver the attack via links to trusted websites. The links themselves contain additional script that exploits a vulnerability in the website, which is why these are called "reflected" attacks. The victim follows a link to a trusted website, but the flaw on that site combined with the code embedded in the link causes the script to be reflected back into the page, which can redirect the user to a server hosting a malicious payload. Such links are usually distributed through spam mailings.
DOM Based XSS
What can XSS be used for?
When attackers use XSS, they can:
- Perform any action that the user can perform.
- Distribute and install trojan programs through websites.
- Capture user account data.
- Masquerade as the victim or impersonate another user.
- Read any data available to the user.
Impact of XSS Vulnerabilities
The impact of a cross-site scripting attack depends mainly on the application's functionality and data, the nature of the application, and the privileges of the user the attacker is trying to compromise. Here are some examples of these effects.
- The impact is considered minimal for a brochureware application, where all information is public and users are anonymous.
- The impact will be severe on an application that stores confidential data: emails, bank accounts, and medical records.
- The impact is critical if the compromised user has elevated privileges in the application. In this case the attacker can take full control of the vulnerable application and thereby compromise all of its users and their data.
XSS Attack Consequences
The consequences of XSS are more serious than is often assumed, and this must be remembered and understood. Whichever type of XSS is used, it is aimed at the users. The problems XSS can cause range from a minor annoyance to completely compromised user accounts, and even compromised computers.
XSS attacks can also cause more serious damage. If attackers want to hijack a user's session and take over the user's account, they can easily achieve this through disclosure of the session cookie.
Other attacks can redirect users to malicious pages or sites, install trojan programs, alter vital content, and more. Attackers who aim to damage a company's reputation or influence its share price will exploit every XSS vulnerability they can find.
How to Prevent Cross-Site Scripting Attacks
How difficult XSS is to prevent depends on many factors, such as the complexity of the application and the ways in which user-controlled data is processed. To protect yourself against XSS, consider the following measures:
- Filter input on arrival
At the point where user input is received, filter it as strictly as possible based on what is expected or valid.
- Encode data on output
At the point where user-controllable data appears in HTTP responses, encode it so that it cannot be interpreted as active content.
- Use appropriate response headers
For responses that are not meant to contain HTML or JavaScript, use headers such as Content-Type and X-Content-Type-Options so that browsers interpret them as intended.
- Content Security Policy
Use Content Security Policy (CSP) as a last line of defence to help reduce the severity of any XSS vulnerabilities that still occur.