Cross-site Scripting (XSS) - Generic (CWE-79)
Cross-Site Scripting (XSS) Cheat Sheet
Vulnerability Summary
This cheat sheet covers: - Reflected XSS: Payloads reflected in the immediate response. - Stored XSS: Payloads persisted in the database. - DOM-based XSS: Payloads executed via client-side JavaScript. - Framework-specific XSS: Exploiting template engines like AngularJS. - Bypass Techniques: WAF evasion and encoding.
📝 Short Summary
This cheat sheet covers:
- Reflected XSS: Payloads reflected in the immediate response.
- Stored XSS: Payloads persisted in the database.
- DOM-based XSS: Payloads executed via client-side JavaScript.
- Framework-specific XSS: Exploiting template engines like AngularJS.
- Bypass Techniques: WAF evasion and encoding.