Cross-Site Scripting

GPTKB entity

Statements (33)
Predicate Object
gptkbp:instanceOf Web security vulnerability
gptkbp:abbreviation gptkb:XSS
gptkbp:affects Web applications
gptkbp:can_be_exploited_by Attackers
Malicious users
gptkbp:cause Malware distribution
Phishing
Defacement
Session hijacking
Data theft
gptkbp:detects Web application scanners
gptkbp:exploits User input validation flaws
gptkbp:firstDescribed 2000
https://www.w3.org/2000/01/rdf-schema#label Cross-Site Scripting
gptkbp:impact Availability breach
Confidentiality breach
Integrity breach
gptkbp:listedOn gptkb:OWASP_Top_Ten
gptkbp:mitigatedBy Web application firewalls
gptkbp:prevention gptkb:Content_Security_Policy
Output encoding
Input sanitization
Secure coding practices
Framework security features
gptkbp:relatedTo gptkb:Cross-Site_Request_Forgery
gptkb:SQL_Injection
gptkbp:target Web browsers
gptkbp:type gptkb:DOM-based_XSS
gptkb:Reflected_XSS
gptkb:Stored_XSS
gptkbp:uses Malicious scripts
gptkbp:bfsParent gptkb:XSS
gptkbp:bfsLayer 6