---
title: "What is the cross-site scripting and how it can harmful for your application?"  
description: "What is the cross-site scripting and how it can harmful for your application?"  
author: "Sanat Shukla"  
published: 2018-11-21  
canonical: https://answers.mindstick.com/qa/51738/what-is-the-cross-site-scripting-and-how-it-can-harmful-for-your-application  
category: "technology"  
tags: ["web programming", "web browsers", "web servers", "web design and publishing", "web downloads", "web hosting", "web usability", "web api", "web service"]  
reading_time: 2 minutes  

---

# What is the cross-site scripting and how it can harmful for your application?

![What is the cross-site scripting and how it can harmful for your application?](https://answers.mindstick.com/questionanswer/dc700b99-e459-4a8d-8a1a-327d67f73dfd/images/501f6ea0-4035-48a6-aae6-6881d7c8f8f2.jpeg)

Please describe in brief and under and understandable.

## Answers

### Answer by John d'souza

XSS (cross-site scripting or cross-site security) is known as a type of security attack where the attacker injected the malicious code at the time of entering the data. OR Cross-Site Scripting (XSS) is like as hacking attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. OR Cross Site Scripting (also referred to as XSS) is a kind of vulnerability that occurs when some hacker injects malicious code (ideally script) inside a web page or the database. If the hacker once gives these codes injected into the end user's browser. And if this code run on then it makes access to cookies, sessions, local files, etc. easier. The result of XSS may range from petty nuisance like displaying an alert box to a significant security risk like stealing session cookies.

![What is the cross-site scripting and how it can harmful for your application?](https://answers.mindstick.com/questionanswer/dc700b99-e459-4a8d-8a1a-327d67f73dfd/images/65b55e83-e1d0-4e99-8f28-c3929be56965.png)\

These are some of the ways to use xss on your application that the attackers often use such as -

## 1). XSS

- Standard XSS
- DOM-based XSS

## 2). HTML & CSS

## 3). Scripts or scripting language

- JavaScript
- VB script
- etc.

## 4) SQL Injection

![What is the cross-site scripting and how it can harmful for your application?](https://answers.mindstick.com/questionanswer/dc700b99-e459-4a8d-8a1a-327d67f73dfd/images/8e22c1b6-a3e3-4b55-b711-4f2b203398ee.png)

\

## Solution :-

- 1). Escaping.
- 2). Validating Input.
- 3). Sanitizing.
- 4). You MUST use the escape syntax for the part of the HTML document you're putting untrusted data into.


---

Original Source: https://answers.mindstick.com/qa/51738/what-is-the-cross-site-scripting-and-how-it-can-harmful-for-your-application

Copyright © MindStick Software Pvt. Ltd. This Markdown version is provided for developers, AI systems, and offline reading.
