Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
| Beide Seiten der vorigen Revision Vorhergehende Überarbeitung Nächste Überarbeitung | Vorhergehende Überarbeitung | ||
| modul:m183:learningunits:lu10:lu10b [2025/12/27 20:55] – dgaravaldi | modul:m183:learningunits:lu10:lu10b [2025/12/27 21:04] (aktuell) – dgaravaldi | ||
|---|---|---|---|
| Zeile 9: | Zeile 9: | ||
| To distribute the malicious link, a perpetrator typically embeds it into an email or third party website (e.g., in a comment section or in social media). The link is embedded inside an anchor text that provokes the user to click on it, which initiates the XSS request to an exploited website, reflecting the attack back to the user. | To distribute the malicious link, a perpetrator typically embeds it into an email or third party website (e.g., in a comment section or in social media). The link is embedded inside an anchor text that provokes the user to click on it, which initiates the XSS request to an exploited website, reflecting the attack back to the user. | ||
| - | \\ | + | {{: |
| - | ==== Reflected XSS attack example ==== | + | |
| Unlike a stored attack, where the perpetrator must locate a website that allows for permanent injection of malicious scripts, reflected attacks only require that the malicious script be embedded into a link. That being said, in order for the attack to be successful, the user needs to click on the infected link. | Unlike a stored attack, where the perpetrator must locate a website that allows for permanent injection of malicious scripts, reflected attacks only require that the malicious script be embedded into a link. That being said, in order for the attack to be successful, the user needs to click on the infected link. | ||
| Zeile 48: | Zeile 47: | ||
| \\ | \\ | ||
| ==== Related Topics ==== | ==== Related Topics ==== | ||
| - | [1]: https:// | + | [1]: https:// |
| - | [2]: https:// | + | |