What is Cross Site Scripting?
Cross site scripting (XSS) is when criminal hackers use weakness's in a website application to inject malicious code into that website which causes the website to behave in a way it was not designed to do.
The website weakness which allows this to happen is mainly to do with input data that has not been validated properly.
Cross Site Scripting attacks occur when data enters a website through an entrusted web request. The data is sent to the web user without being validated first.
The common end result is that the hackers will put Malware onto the website which will infect the users computers who visit that website. Google will eventually black list your website which is not good for a company's reputation or search engine rankings.
When designing your website, you must always validate any inputted data which will strip out any harmful inputs and protect your site. You should also consider making your whole site https so that all page to page exchanges are encrypted.
If you have any questions about cross site scripting please contact us at the Computer Geek.