• Skip to primary navigation
  • Skip to content
  • Skip to footer
My blog This place where I tell my stories
  • About
  • Policy
  • Category
  • Collection
    1. Home
      2. /
    2. Security wiki
      3. /
    3. Web security
      4. /
    4. Client side
      5. /
    5. Cross-site scripting
    • Server side
      • 1 - SQL injection
      • 2 - Authentication
      • 3 - Directory traversal
      • 4 - Command injection
      • 5 - Business logic flaws
      • 6 - Information disclosure
      • 7 - Access control
      • 8 - File upload
      • 9 - Race conditions
      • 10 - Server-side request forgery
      • 11 - XXE injection
      • 12 - GraphQL API injection
      • 13 - Server-side template injection
      • 14 - Insecure deserialization
      • 15 - Oauth authentication
    • Client side
      • 1 - Cross-site scripting
      • 2 - Cross-site request forgery
      • 3 - Cross-origin resource sharing
      • 4 - Clickjacking
      • 5 - DOM-based vulnerabilities
      • 6 - WebSockets
      • 7 - Web cache poisoning
      • 8 - HTTP host header attacks
      • 9 - HTTP request smuggling
      • 10 - JWT attacks
      • 11 - Prototype pollution

    Cross-site scripting

    On this page

    Updated: September 18, 2025

    Share on

    Twitter Facebook LinkedIn
    Previous Next
    • Follow:
    • GitHub
    • Feed
    © 2025 Trumpiter. Powered by Jekyll & Minimal Mistakes.