Introduction HDIV
Cross-Site Scripting (XSS)
This attack technique is based in the injection of code (javascript or html) in the pages visualized by the application user.
Example: We have a web page where we can type a text, as is shown in the image below:
Image 1 2 - XSS Vulnerability Sample
The html code of the page is:
Typing the following text in the textbox:
Eurohelp Consulting 2010