Correct option is A
Cross-Site Scripting (XSS) is a type of injection attack where attackers inject malicious scripts, typically JavaScript, into websites. These scripts execute in the browser of users who visit the compromised website, allowing attackers to steal sensitive data, hijack sessions, or perform other malicious activities.
Important Key Points:
1. XSS attacks occur due to improper validation or sanitization of user inputs.
2. There are three types of XSS attacks:
Stored XSS,
Reflected XSS, and
DOM-Based XSS.
3. XSS prevention methods include input validation, escaping output, and implementing Content Security Policies (CSP).
Knowledge Booster:
·
SQL Injection: Targets databases by injecting malicious SQL queries.
·
Denial of Service (DoS): Overwhelms servers with excessive requests to disrupt services.
·
Command Injection: Executes arbitrary commands on the host operating system.