XSS attacks are often divided into three types −
<script>
alert('XSS')
</script>
Burp Suite and acunetix are considered as the best vulnerability scanners.
Quick Tip
To prevent XSS attacks, keep the following points in mind −
- Persistent XSS, where the malicious string originates from the website's database.
- Reflected XSS, where the malicious string originates from the victim's request.
- DOM-based XSS, where the vulnerability is in the client-side code rather than the server-side code.
<script>
alert('XSS')
</script>
Burp Suite and acunetix are considered as the best vulnerability scanners.
Quick Tip
To prevent XSS attacks, keep the following points in mind −
- Check and validate all the form fields like hidden forms, headers, cookies, query strings.
- Implement a stringent security policy. Set character limitation in the input fields.