CYS523 M3.8


XSS vulnerability allows a hacker to inject malicious JavaScript into a legitimate website, resulting in information disclosure and other security threats. In this activity, you will identify the vulnerabilities of web browsers and web applications that allow XSS attack.

Instructions-Watch Video

Submit a 2 to 3-page paper in a Word document with the answers to the following questions:

1.Explain how cross-site scripting can be used to steal someones cookies. Include a short discussion about the JavaScript <script> function.
2.Explain how stolen cookies can be used to cause session hijacking begin by defining session hijacking.
3.Explain how phishing enables XSS.
4.Explain how browsers have evolved to reduce the risks of XSS attacks. 
5.Explain how securely provisioned web servers protect against XSS attacks