XSS
Another prevalent type of attack that I still encounter out in the field very frequently is XSS. XSS comes in a few flavors, but they all provide attackers with the same thing: arbitrary JavaScript code execution in the client's browser.
While this may not sound as great as executing code on the actual application server, XSS attacks can be devastating when used in targeted attacks.
Reflected XSS
The more common type of XSS vulnerability is the reflected or non-persistent kind. A reflected XSS attack happens when the application accepts input from the user, either via parameters in the URL, body, or HTTP headers, and it returns it back to the user without sanitizing it first. This type of attack is referred to as non-persistent because once the user navigates away from the vulnerable page, or they close the browser, the exploit is over. Reflected XSS attacks typically require some social engineering due to the ephemeral nature of the payload.
Note
To showcase XSS attacks, we will once again...
