Abstract

Cross site scripting (XSS) is a type of scripting attack on web pages and account as one of the unsafe vulnerability existed in web applications. Once the vulnerability is oppressed, an intruder advances intended access of the authenticate user's web-browser and may perform session-hijacking, cookie-stealing, malicious redirection and malware-spreading. As prevention against such attacks, it is essential to implement security measures that certainly block the third party intrusion. Recently the most dangerous attacks are reflected and DOM based cross-site scripting attacks because in both cases attacker attack using server side scripting and do forgery over the network, it is hard to detect and therefore it must be prevented. Vulnerabilities of websites are exploited over the network through web request using GET and POST method. In this paper, we are focusing on injection, detection, and prevention of stored based XSS reflected XSS and DOM based XSS.