Blog
VERT Vuln School: XSS versus XSRF
By Craig Young on Tue, 01/20/2015
Cross-site scripting, commonly referred to as XSS, is listed third in the OWASP Top 10 for 2013 Web Application Security risks . Unlike SQL injection attacks, which target data on the server, XSS provides a vector for attacking the users of a vulnerable web site. At a general level, XSS is when an attacker can cause a web site to render with unintended script content. This script content is...