IMPORTANCE OF XSS (CROS SITE SCRIPTING) WEB SECURITY VULNERABLE FOR BUSINESSES

Abstract

Web applications are widely used all over the world. Applications are apps that make our daily life easier and more interactive. A wide range of personal information is shared over the web. The most basic priority of web-based applications is to present the information as a whole and to keep it confidential. Web-based applications are highly vulnerable to cyber-attacks. XSS and SQL injection is one of the most emerging attacks. The Open Web Application Security Project online community, known as OWASP, placed XSS in third place in their 2021 top 10 critical security threats. By injecting malicious code into the web application, attackers can cause great harm without the person's consent. Cross-site scripting (XSS) and SQL injection attacks are the most common types of attacks a web application encounters. An XSS attack is caused by executing malicious code into a web browser running on the server that the user is unaware of and can be catastrophic. Recognizing a malicious or harmless script can prevent an unwanted attack and help the web application keep users' data private.  In this study, the most common security threats will be explained. Detailed information about XSS attacks will be given. Detailed information about the techniques of protection from these attacks will be presented. It will raise awareness of IT experts, who are the center of businesses, to be more careful about cyber-attacks.