What is XSS?

Cross-Site Scripting (also commonly known as XSS) is a vulnerability/flaw that combines …​ # the allowance of HTML/script tags as input that are …​ # rendered into a browser without encoding or sanitization

Cross-Site Scripting (XSS) is the most prevalent and pernicious web application security issue

While there is a simple well-known defense for this attack, there are still many instances of it on the web. In terms of fixing it, coverage of fixes also tends to be a problem. We will talk more about the defense in a little bit.

XSS has a significant impact

Especially as 'Rich Internet Applications' are more and more commonplace, privileged function calls linked to via JavaScript may be compromised. And if not properly protected, sensitive data (such as your authentication cookies) can be stolen and used for someone else’s purpose.

Quick examples:

• From the JavaScript console in the developer tools of the browser (Chrome, Firefox)

alert("XSS Test");
alert(document.cookie);

• Any data field that is returned to the client is potentially injectable

<script>alert("XSS Test")</script>

Try It! Using Chrome or Firefox

• Open a second tab and use the same URL as this page you are currently on (or any URL within this instance of WebGoat)

• Then, on that second that open the browser developer tools and open the javascript console. And type: alert(document.cookie);

Solution

Yes, the cookies were the same on each tab.