PROFESSIONALCOMMUNITY

Cross-site scripting (XSS)

Last updated: June 1, 2023
Read time: 1 Minute

Cross-site scripting (XSS) is a web security vulnerability that enables an attacker to manipulate a vulnerable web site so that it returns malicious JavaScript to users. Attackers can use malicious code to fully compromise a victim's interaction with the application.

You can use Burp Suite to test for a range of XSS vulnerabilities.

Tutorials in this section

Identifying reflected input.
Testing for DOM XSS with DOM Invader.
Testing for web message DOM XSS with DOM Invader
Bypassing XSS filters by enumerating permitted tags and attributes.
Testing for reflected XSS manually.