[TUT]Refletcd XSS or Non-Presistant XSS
What is Non-Presistant XSS -->
The non-persistent (or reflected) cross-site scripting vulnerability is by far the most common type.These holes show up when the data provided by a web client, most commonly in HTTP query parameters or in HTML form submissions, is used immediately by server-side scripts to parse and display a page of results for and to that user, without properly sanitizing the request.
How to find Non-Presistant XSS in websites or
Mainly non-persistent is found in search boxes of websites. So first you have to find search box in a website. After finding the search box we will try to put some code in search box.
Like I will put following code in my example web application-->
<script>alert("XSS by D@rk TruTH");</script>
After entering this code I got a pop-up saying XSS by D@rk TruTH like in image given below
[TUT]Refletcd XSS or Non-Presistant XSS Reviewed by Aditya Joshi on 00:53:00 Rating: