Apart from mailing links of error pages, are there other methods of exploiting XSS?
Yes, there are other methods. Let’s take the example of a bulletin board application that has a page where data entered by one user can be viewed by other users. The attackers enter a script into this page. When a valid user tries to view the page, the script gets executed on the user’s browser. It will send the user’s information to the attackers.
Related Questions
- want to use the EduWeb FTP Utility to upload my News/Calendar pages to my Internet website. Why do I get an error about MSINET.OCX?
- Does Ibeem CMS allow editors to create and edit links to other pages within their site and external URLs?
- Apart from mailing links of error pages, are there other methods of exploiting XSS?