Cross-site scripting is also known as XSS. It is a web security vulnerability that allows the hacker to compromise the interactions that users have with a vulnerable application. Do you remember the time in the year 2018, where British Airways reported a Data breach that affected 380,000 booking transactions between august and September? The breach was possible due to a cross-site scripting vulnerability.
This type of vulnerability enabled a hacker group known as “Magecart” to inject a malicious JavaScript library into an unsecured payment form on British Airways website so that when users submitted the form, the credit card details and the personal data was recorded and was sent to the server that the attackers controlled. The vulnerability was caught, but still the company was fined over 220 million US dollars for failure to comply with General Data Protection Regulation (GDPR).
To avoid these kind of attack and prevent your website from cross site scripting, you should know what it is and what can be done? Let’s get into it without wasting time and stick till the end to know everything about cross site scripting.
What is Cross Site Scripting?
Cross site scripting, which is also known as XSS, is a type of attack in which the user injects a malicious code into a trustworthy website, and stops the interactions done in the website. Which automatically results in the loss of data and inconvenience.
The main intention of the hacker is to gain access data to a user’s data, like any cookies or session retained by the browser, to masquerade as the user and carries out certain actions in the application.
Instances of Cross Site Scripting:
Imagine you are buying something at an e-commerce site, and the perpetrator discovers a vulnerability on an ecommerce site that allows them to insert malicious code within specific product listing pages. Now, when you click on a compromised listing, you will be automatically redirected to page asking you to login, and then the perpetrator will have your account username and password, with these informations they can easily access your personal data including your credit card.
What can Cross Site Scripting be used for?
An attacker who exploits a cross-site scripting vulnerability is typically able to:
- Impersonate or masquerade as the victim user.
- Carry out any action that the user is able to platform.
- Read any data that the user is able to access.
- Capture the user’s login credentials.
- Perform virtual defacement of the web site.
- Inject Trojan functionality into the web site.
Types of Cross Site Scripting Attacks
Cross-site scripting attacks can be categorized in three ways: reflected, stored, and DOM Based attacks. Stored and reflected attacks are well known by most people. let’s discuss about these attacks in the below section.
Stored Cross Site Scripting:
Stored cross-site scripting is also known by the name Non-persistent or Type-1 cross site scripting. It refers to the attacks in which malicious script is stored in the target servers permanently. It might be stored in the database, message forum, visitor log, or comment field.
A user that requests the stored information from the server will also retrieve the malicious script and becomes the victim of this type of XSS attack.
Reflected Cross Site Scripting:
Reflected cross site scripting is also referred by the name Non-Persistent or Type-II Cross site scripting. It refers to the attacks in which the malicious script is reflected off the target servers. Which clearly means, the malicious part can be part of an error page, search result, or another response to a request sent to the targeted server.
For instance, if the user interacts with this malicious script by clicking on a link in an email, submitting the form, or browsing a web page, then the script travels to the compromised website and reflects the attack back to the user’s browser. Which means the user browser accepts and executes the malicious script from the website because it trusts its server.
Difference Between Stored and Reflected XSS:
The key difference between stored and reflected XSS is the source of the malicious script that is include in HTTP response generated by the server. The source of the script in stored XSS is a stored location. The source of the script is reflected XSS is the request.
DOM based Cross Site Scripting:
DOM based cross-site scripting is also known as type -0 cross site scripting. It refers to attacks in which the malicious script modifies the DOM environment in the user’s browser and cause the client-side code contained in the web page to execute differently.
Difference between DOM based XSS Attack and Stored and Reflected Attack:
The key difference between the DOM based XSS attacks and stored and reflected XSS attack is that the source of the malicious script is the client, not the server. That’s the reason why DOM based Cross site scripting is considered a subset of client XSS, whereas stored and reflected cross site scripting is considered server XSS.
Preventing Cross site scripting will involve including combination of best practice and tools. Cross site scripting attacks can have a severe technical and business impact that may result in the loss of customer’s trust and revenue.
Knowing and understanding what cross-site scripting is and what makes your web application vulnerable to them is an important starting point to prevention.