Cross Site Scripting Attack

From Guidance Share

Description

A Cross Site Scripting (XSS) attack can cause arbitrary code to run in a user's browser while the browser is connected to a trusted Web site. The attack targets your application's users and not the application itself, but it uses your application as the vehicle for the attack. Because the script code is downloaded by the browser from a trusted site, the browser has no way of knowing that the code is not legitimate. Internet Explorer security zones provide no defense. Because the attacker's code has access to the cookies associated with the trusted site that are stored on the user's local computer, a user's authentication cookies are typically the target of the attack.


Impact

  • Loss of authentication cookies. The attack writes script to retrieve the authentication cookie that provides access to a trusted site and then posts the cookie to a Web address known to the attacker. This enables the attacker to spoof the legitimate user's identity and gain illicit access to the Web site.


Vulnerabilities

  • Failing to constrain and validate input.
  • Failing to encode output.
  • Trusting data retrieved from a shared database.


Countermeasures

  • Perform context-sensitive encoding of untrusted input before it is echoed back to a browser, using an encoding library (e.g., IOSec). The encoding must match the context the value lands in (HTML body, HTML attribute, JavaScript string, URL parameter), since each context has its own set of significant characters.
  • Validate untrusted input against an inclusion list before use (e.g., a RegEx pattern, primitive type casting, a domain constraint, etc.), and reject anything that does not match rather than trying to strip out bad characters.
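The two countermeasures above, worked through as an added example that is not part of the original page or of any encoding library it names: an inclusion-list validator for a username and an age field, one encoder per browser context, and a page renderer shown in its unencoded 'before' form beside the hardened form. The field names, the allow-list pattern and the sample comment are constructed for this illustration.

```python
import html
import json
import re
from urllib.parse import quote

# Hypothetical allow-list pattern for a username field (an assumption for this example).
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")


def validate_username(value: str) -> str:
    """Inclusion-list validation: accept only the characters we expect, reject the rest."""
    if not USERNAME_RE.fullmatch(value):
        raise ValueError("username outside the allowed character set")
    return value


def validate_age(value: str) -> int:
    """Primitive type casting plus a domain constraint."""
    age = int(value)  # ValueError for anything that is not an integer
    if not 0 <= age <= 150:
        raise ValueError("age outside the allowed range")
    return age


def encode_html_text(s: str) -> str:
    """Encoding for text placed in an HTML element body or a quoted attribute value."""
    return html.escape(s, quote=True)


def encode_js_string(s: str) -> str:
    """Encoding for a value placed inside a <script> block as a JS string literal.

    json.dumps yields a quoted, escaped literal; '<' and '/' are escaped as well so a
    '</script>' inside the value cannot close the surrounding script element."""
    return json.dumps(s).replace("<", "\\u003c").replace("/", "\\/")


def encode_url_component(s: str) -> str:
    """Encoding for a value placed in a URL query parameter."""
    return quote(s, safe="")


def render_unsafe(username: str, comment: str) -> str:
    """The 'before' form: untrusted input echoed into three browser contexts unencoded."""
    return (
        f"<p>{username} wrote: {comment}</p>"
        f'<a href="/profile?user={username}">profile</a>'
        f"<script>var lastComment = '{comment}';</script>"
    )


def render_safe(username: str, comment: str) -> str:
    """The hardened form: validate what can be allow-listed, then encode per context."""
    username = validate_username(username)
    if len(comment) > 500:  # free text cannot be allow-listed, so at least bound its size
        raise ValueError("comment too long")
    return (
        f"<p>{encode_html_text(username)} wrote: {encode_html_text(comment)}</p>"
        f'<a href="/profile?user={encode_url_component(username)}">profile</a>'
        f"<script>var lastComment = {encode_js_string(comment)};</script>"
    )


if __name__ == "__main__":
    # Constructed sample input: a comment that tries to close the script block early.
    sample = "</script><b>x</b>"
    print(render_unsafe("alice", sample))
    print(render_safe("alice", sample))
```

Running the block prints the same comment rendered both ways: in the unencoded output the comment's `</script>` terminates the page's own script element, while in the hardened output it survives only as `&lt;/script&gt;` in the paragraph and as `\u003c\/script>` inside the JavaScript literal. Note that the username can be allow-listed and is still encoded on output; validation and encoding are independent layers, and the free-text comment, which no allow list can describe, relies on encoding alone.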


Attack Patterns


Explained


How Tos