Statements (20)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
Web security vulnerability
|
| gptkbp:affects |
Web applications
|
| gptkbp:alsoKnownAs |
gptkb:Reflected_XSS
|
| gptkbp:category |
gptkb:Cross-site_scripting
|
| gptkbp:cause |
Phishing
Session hijacking Data theft Malicious redirection |
| gptkbp:doesNotStorePayload |
True
|
| gptkbp:exploits |
User input
|
| gptkbp:firstDescribed |
Early 2000s
|
| https://www.w3.org/2000/01/rdf-schema#label |
Non-persistent XSS
|
| gptkbp:mitigatedBy |
gptkb:Content_Security_Policy
Input validation Output encoding |
| gptkbp:payloadDeliveredVia |
HTTP request
|
| gptkbp:payloadReflectedIn |
HTTP response
|
| gptkbp:requires |
User interaction
|
| gptkbp:bfsParent |
gptkb:Reflected_XSS
|
| gptkbp:bfsLayer |
6
|