Cross Site Scripting Attack Review

In the present time, web applications are growing constantly in the whole society with the development of communication technology. Since the utilization of WWW (World Wide Web) expanded and increased since it provides many services, such as sharing data, staying connected, and other services. As a consequence, these numerous numbers of web application users are susceptible to cybersecurity breaches to steal sensitive information or crash the users systems, etc. Particularly, the most common vulnerability today in web applications is the Cross-Site Scripting (XSS) attack. Furthermore, online cyber attacks utilizing cross-site scripting were responsible for 40% of the attack instances that struck enterprises in North America and Europe in 2019. Therefore, cross-site scripting is a form of an injection that targets both vulnerable and non-vulnerable websites, for the injection of malicious scripts. Cross-site scripting XSS operates by directing users to a vulnerable website that contains malicious JavaScript. Then, when malicious code runs in a victim s browser, the attacker has complete control over how they interact with the application. To protect the website or prevent the XSS, must know the application complexity and the way it handles data must be known so it could be controlled by the user. However, Detecting XSS e ectively is still a work in progress, and XSS is considered a gateway for various attacks. However, in this paper, we will introduce the XSS attack and the forms of XSS as a review paper. In addition, the methods and techniques that help to detect cross-site scripting (XSS) attacks.