Stored XSS - Vulnerability coming from unprotected and unsanitized user inputs that are stored directly in the database and displayed to other users.
Reflected XSS - Vulnerability coming from unprotected and unsanitized values from URLs that are used directly in web pages.
Validation is the method where you define a set of rules and require untrusted data to satisfy those rules before moving on.
Escaping is useful for cases where you must allow the user to use punctuation marks. This method goes through the string, looks for special characters such as < and >, and replaces them with the appropriate HTML character entity names.
function escapeText(text) {
  // Replace & first so the entities introduced below are not double-escaped
  return text.replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;'); // also cover single quotes used in attribute values
}
CSRF - The user's web browser performs an unwanted action on another trusted site where the user is authenticated.
www.mybank.com
mybank.com
will result in a request of (conceptually) the form http://www.mybank.com/transfer?to=<SomeAccountnumber>;amount=<SomeAmount>. (Your account number is not needed, because it is implied by your login.)
www.cute-cat-pictures.org, not knowing that it is a malicious site.
mybank.com, they could include on their page a request like http://www.mybank.com/transfer?to=123456;amount=10000 (where 123456 is the number of their Cayman Islands account and 10000 is an amount that you previously thought you were glad to possess).
www.cute-cat-pictures.org page, so your browser will make that request.
www.mybank.com cookie and it will look perfectly legitimate. There goes your money!
http://www.mybank.com/transfer?to=123456;amount=10000;token=31415926535897932384626433832795028841971.
mybank.com will include on their own web page when they serve it to you. It is different each time they serve any page to anybody.
www.mybank.com.