{"id":21996,"date":"2024-01-29T10:17:56","date_gmt":"2024-01-29T08:17:56","guid":{"rendered":"https:\/\/wpbeveiligen.nl\/?p=21996"},"modified":"2023-07-27T10:19:09","modified_gmt":"2023-07-27T08:19:09","slug":"wat-is-xss-alles-over-cross-site-scripting-2","status":"publish","type":"post","link":"https:\/\/wpbeveiligen.nl\/en\/wat-is-xss-alles-over-cross-site-scripting-2\/","title":{"rendered":"Wat is XSS? Alles over: Cross Site Scripting"},"content":{"rendered":"
Cross Site Scripting (XSS) becomes possible when forms are not properly closed or do not filter the information you can enter.<\/strong><\/p>\n The term “XSS” stands for Cross Site Scripting, and it was adapted because “CSS” (Cascading Style Sheets) already existed.<\/p>\n When a form does not use “htmlspecialchars,” and all characters entered in an input field can be fully processed, it gives the opportunity to execute PHP on the website\/server.<\/p>\n Through XSS, you can issue commands to the server. Consider what you can do with that capability\u2014modifying, saving, executing files, and other tasks that are typically limited to website administrators.<\/p>\n – Through the browser, the webcam can be activated, and a recording started. Have you seen the popup: “Do you want to leave this page?” In many cases, you can click [x] to close it. However, if you cannot close it and you find yourself on a website that isn’t very trustworthy, assume that there are pieces of code under the “leave page” and “go back” buttons that you’d rather not execute on your PC.<\/p>\n In such cases, it’s best to close the browser completely! (Use Task Manager in Windows to end the browser process)<\/p>\nHow does Cross Site Scripting work?<\/h2>\n
What are the disadvantages if someone successfully executes Cross Site Scripting on your website?<\/h2>\n
\n
Beyond website modifications, XSS also impacts your browser\/computer<\/h2>\n
\n– Listening through the microphone is possible.
\n– Files can be saved.
\nAnd so on…<\/p>\nI’ve never encountered XSS as a visitor to websites… have I?<\/h2>\n
How do I prevent XSS issues on my WordPress website?<\/h2>\n