Afnan Alotaibi; Lujain Alghufaili; Dina M.Ibrahim
Abstract
At the present period of time, web applications are growing constantly in the whole society with the development of communication technology. Since the utilization of WWW (World Wide Web) expanded and increased since it provides many services, such as sharing data, stay connected and other services. ...
Read More
At the present period of time, web applications are growing constantly in the whole society with the development of communication technology. Since the utilization of WWW (World Wide Web) expanded and increased since it provides many services, such as sharing data, stay connected and other services. As a consequence, these numerous numbers of web application users susceptible to cybersecurity breaches in order to steal sensitive information or crashing the users’ systems, etc. Particularly, the most common vulnerability todays in web applications are the Cross-Site Scripting (XSS) attack.Furthermore, online cyber attacks utilizing cross-site scripting were responsible for 40% of the attack instances that struck enterprises in North America and Europe in the 2019. Therefore, cross-site scripting is a form of an injection that targets both vulnerable and non-vulnerable websites, for the injection of malicious scripts. Cross-site scripting XSS operates by directing users to a vulnerable website that contains malicious JavaScript. Then, when malicious code runs in a victim’s browser, the attacker has complete control over how they interact with the application. In order to protect website or prevent the XSS, must know the application complexity and the way it handles data must be known so it could be controlled by the user. However, Detecting XSS effectively is still a work in progress and XSS is considered a gateway for various attacks. However in this paper, we will introduce the XSS attack and the forms of XSS as review paper. In addition, the methods and techniques that help to detect cross site scripting (XSS) attacks.