Statements (23)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Web_security_vulnerability
|
| gptkbp:affects |
Web applications
|
| gptkbp:alsoKnownAs |
gptkb:Non-persistent_XSS
|
| gptkbp:canBe |
Social engineering
Crafted URLs Malicious email links |
| gptkbp:cause |
Phishing attacks
Session hijacking Malicious script execution |
| gptkbp:describedBy |
gptkb:OWASP_Top_Ten
|
| gptkbp:detects |
Web vulnerability scanners
|
| gptkbp:exploits |
Input validation flaws
|
| gptkbp:firstDescribed |
Early 2000s
|
| gptkbp:mitigatedBy |
gptkb:Content_Security_Policy
Output encoding Input sanitization |
| gptkbp:occurredIn |
User input is immediately returned by the server
|
| gptkbp:relatedTo |
gptkb:DOM-based_XSS
gptkb:Stored_XSS |
| gptkbp:requires |
User interaction
|
| gptkbp:bfsParent |
gptkb:XSS_(Cross-site_scripting)
|
| gptkbp:bfsLayer |
6
|
| https://www.w3.org/2000/01/rdf-schema#label |
Reflected XSS
|