ABSTRACT

Cross-site scripting (XSS) attacks are listed as the most widespread and critical weakness that can be discovered and exploited as a software vulnerability. When designing web applications, programmers and analysts must follow secure coding rules and try not to leave any loopholes. Experience is a major factor, and most of the time programmers are unable to spot all the weak points in an online application. In this chapter we present a tutorial on launching XSS attacks along with the corresponding mitigation actions. The chapter covers both theoretical and technical aspects of XSS attacks and can be used as a self-learning or teaching tool by security students and professionals.