Analysis and Exploration of Vulnerabilities

Applied Cryptography Robust Software Quantum Safety Machine Learning Applied to Security Analysis and Exploration of Vulnerabilities Computer Systems Forensic Analysis Reverse Engineering Identification, Authentication and Authorization Secure Execution Environments Direito da Organização e da Segurança

Analysis and Exploration of Vulnerabilities
Vulnerabilities
Vulnerability Assessment of Networked Systems
Enumeration and Information Leakage
Injection
Broken Authentication
XSS Cross Site Scripting
Concurrency
Buffers

Powered by GitBook

On this page

Reflected XSS

PreviousPrevalence and Detectability NextStored XSS

Last updated 10 months ago

The application or API includes unvalidated and unescaped user input as part of HTML output.

That is, the HTML displays a string sent by the user.

The attacker will send a malicious link to the victim, pointing to an attacker-controlled page.

Through email, posted on a chat, etc..

A successful attack can allow the attacker to execute arbitrary HTML and JavaScript in the victim’s browser.