Statements (22)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:security
|
| gptkbp:affects |
web applications
|
| gptkbp:alsoKnownAs |
non-persistent XSS
|
| gptkbp:cause |
phishing attacks
malware distribution session hijacking |
| gptkbp:describedBy |
gptkb:OWASP_Top_Ten
|
| gptkbp:detects |
web vulnerability scanners
|
| gptkbp:distinctFrom |
gptkb:DOM-based_XSS
stored XSS |
| gptkbp:exploits |
malicious scripts
input validation flaws |
| gptkbp:firstDescribed |
early 2000s
|
| https://www.w3.org/2000/01/rdf-schema#label |
reflected XSS
|
| gptkbp:mitigatedBy |
gptkb:Content_Security_Policy
input sanitization output encoding |
| gptkbp:occurredIn |
user input is immediately returned in response without proper sanitization
|
| gptkbp:requires |
user interaction
|
| gptkbp:target |
end users
|
| gptkbp:bfsParent |
gptkb:cross-site_scripting
|
| gptkbp:bfsLayer |
5
|