Discover the definition of the term Xss (Cross-Site Scripting) presented by Les Assises de la Cybersécurité.

XSS (CROSS-SITE SCRIPTING)

A cross-site scripting attack begins when an attacker is able to have content of their choice displayed on a third-party website (for example, via comments or private messages that will be read in a browser). If the website that receives and displays this content does not do sufficient filtering, the attacker will be able to include tags and code (often Javascript, but it can be any language supported by browsers) that will then be interpreted by all users who view it. This can lead to session theft (and thus allow the attacker to hijack visitors’ social media accounts, even if the victim site has nothing to do with them), or to redirect victims to fake sites (phishing, see “Phishing”).

Mark Slemko, one of the inventors of this type of attack, who was told that the name did not really describe its behavior, replied: “we had more important things to do at the time.” Since then, many CISOs have also tried to use it to exonerate themselves when their site was the victim of XSS. They are no longer here to testify to it.

Assises page pushes

About Les Assises

Les Assises de la cybersécurité are a unique opportunity to discuss current and future cyber issues.
Go to the Assises one-to-one concept page

Excellence & Networking by DG Consultants

One to One events by DG Consultants : essential meeting places that combine business meetings, operational & strategic excellence, and networking opportunities in exceptional venues
Access Les Assises of cybersecurity glossary

Cyber Glossary | Les Assises

Les Assises de la Cybersécurité, France's must-attend cybersecurity event, provides definitions of the technical terms you need to know.
Whitebox Testing | Cyber Glossary
Y2K | Cyber Glossary