OWASP Top 10: A7 - Cross-site Scripting

Skillsoft issued completion badges are earned based on viewing the percentage required or receiving a passing score when assessment is required. Most web apps accept some kind of input, whether from users or through other automated means. All app input must be treated as untrusted and must be vigorously validated to ensure application and data integrity. In this course, you'll learn the difference between Java and JavaScript, as well as what cross-site scripting is and how it can compromise a web site and its visitors. Next, you'll learn how to execute various XSS attacks against an intentionally vulnerable virtual machine, including through web forms. You'll also explore how to use XSS to hijack a user web browser and how to mitigate XSS attacks.