Cross Site Scripting (XSS)
Attacker Role and Capabilities
Victim Characteristics
Vulnerable Application Properties
Attack Surface Analysis
Payload Definition and Structure
Injection Point Identification
Source and Sink Concepts
Execution Context
Reflection vs Persistence
Input Validation Points
Output Encoding Locations
Sanitization Processes
Canonicalization Requirements
Trust Boundaries