temp-scw-app[bot]
commented
3 years ago Micro-Learning Topic: Cross-Site Scripting (XSS) (CWE 79)
XSS flaws occur whenever an application includes untrusted data in a new web page without proper validation or escaping, or updates an existing web page with user-supplied data using a browser API that can create HTML or JavaScript. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites.
_Credits: OWASP Top 10 2017_
gfytfih cwe 79 uyf