Using Burp Scanner to Find Cross Site Scripting Issues | OWASP Top Ten | Burp suite
Cross-Site Scripting (XSS) is the most prevalent web application vulnerability found in the wild. XSS often represents a critical security weakness within an application. It can often be combined with other vulnerabilities to devastating effect. In some situations, an XSS attack can be turned into a virus or self-propagating worm.
XSS vulnerabilities occur when an application includes attacker-controllable data in a response that is sent to the browser without properly validating or escaping the content. Cross-site scripting attacks may occur anywhere that an application includes in responses data that originated from any untrusted source. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user's browser has no way to know that the script should not be trusted, and will execute the script because it thinks the script came from a trusted source. The malicious script can access any cookies, session tokens, or other sensitive information used with that site.
XSS vulnerabilities come in various different forms and may be divided in to three varieties: reflected (non-persistent), stored (persistent) and DOM-based.
https://www.firewalldemo.com/
https://www.liveonnetwork.info/
/ liveonnetwork8
/ liveonnetwork-1018207398309526
https://codered.eccouncil.org/Home?re...