MyBB Community Forums

MyBB Community Forums > Community > General Discussion > Question about how XSS works
Full Version: Question about how XSS works
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Simulationcity

2007-06-26, 05:32 PM
I've been told about Cross Server Scripting and I have a few questions on how it works. I want to go into website design so I'd like to prevent it (sounds like a good idea huh?). Anyways You know how there are the file upload forms such as when you make a post here? Is it possible to do a XSS through that? Type in the URL for a malicious script and the server will upload the result of the script?

If so or if not what methods are there to prevent XSS?

Ryan Gordon

2007-06-26, 05:43 PM
Basically XSS can allow you to insert malicious code (usually javascript) into a page that will, for example, call an image in the page but it would also pass your document.cookies. They would store your cookies somewhere and you wouldn't even know what happened.

User 2877

2007-06-26, 08:19 PM
Wikipedia always comes in handy.

http://en.wikipedia.org/wiki/Cross-site_scripting
MyBB Community Forums > Community > General Discussion > Question about how XSS works