modul:m183:learningunits:lu10:lu10a

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Beide Seiten der vorigen Revision Vorhergehende Überarbeitung
Nächste Überarbeitung		 Vorhergehende Überarbeitung
modul:m183:learningunits:lu10:lu10a [2025/12/27 21:00] dgaravaldimodul:m183:learningunits:lu10:lu10a [2025/12/27 21:02] (aktuell) dgaravaldi
Zeile 25: Zeile 25:
 {{:modul:m183:learningunits:lu10:stored-xss.png?600}} {{:modul:m183:learningunits:lu10:stored-xss.png?600}}
  
-   1. The attacker discovers a page with an input field that allows HTML.  +    - The attacker discovers a page with an input field that allows HTML. 
-   2. They insert malicious JavaScript code into that field.  +    They insert malicious JavaScript code into that field.  
-   3. The application stores and later serves that code as part of normal content.  +    The application stores and later serves that code as part of normal content. 
-   4. When other users visit the page, their browser executes the attack script. +    When other users visit the page, their browser executes the attack script. 
  
 \\ \\
Zeile 41: Zeile 41:
 ==== Related Topics ==== ==== Related Topics ====
 [1]: https://owasp.org/www-community/attacks/xss/ "Cross Site Scripting (XSS) | OWASP" [1]: https://owasp.org/www-community/attacks/xss/ "Cross Site Scripting (XSS) | OWASP"
 +
 [2]: https://developer.mozilla.org/docs/Web/Security/Attacks/XSS?utm_source=chatgpt.com "Cross-site scripting (XSS) - Security | MDN" [2]: https://developer.mozilla.org/docs/Web/Security/Attacks/XSS?utm_source=chatgpt.com "Cross-site scripting (XSS) - Security | MDN"
  
  • modul/m183/learningunits/lu10/lu10a.1766865620.txt.gz
  • Zuletzt geändert: 2025/12/27 21:00
  • von dgaravaldi