Last week I wrote about Cross-Site Scripting, and the serious consequences it can have.
According to OWASP, XSS affects about two thirds of all applications. That statistic should scare you!
Now that I have your attention, let’s look at how we can stop XSS.
I’ve mentioned Cross-Site Scripting, aka XSS, in some of my previous posts. And I’m sure you’ve heard of it as well.
XSS is often categorised as either reflected XSS or stored XSS. And then DOM-based XSS was added. OWASP now categorises XSS as:
Both of these can be either reflected or stored, which can make it all a little confusing.