In: Computer Science
Which one of these code fragments could possibly be a comment that could be used to perform a XSS injection?
Select one:
a. <script>Evil()</script>
b. DROP TABLE users;
c. admin’ OR 1=1 --
Which one of these code fragments could possibly be a comment that could be used to perform a XSS injection?
Ans: a)
<script>Evil()</script>
XSS is Cross Site Scripting which is a malicious code injection
executed in the victims browser.
XSS is used to steal users cookes or session tokens and other information. These help users log in automatically without any login credentials.
This XSS script can be executed on a vulnerable search field. When user enters the script in the search box, it gets executed.
XSS scripts can also be combined with javascript in order to execute.
Types of XSS attacks:
PLESAE UPVOTE IF THIS HELPED YOU.
THANKS