How do you perform on a test that checks your vulnerability to a cross-site scripting attack and malicious code injection?

How are we testing?:

This test visits a Zscaler CDN website that simulates a compromise by malicious code and checks to see if it would have been able to compromise your web browser.

Why is this test important?:

Cross-site scripting (XSS) attacks inject malicious code into an otherwise legitimate site. An XSS attack can steal web visitors' credentials and session keys (e.g. passwords and other sensitive data) and tarnish the reputation of the compromised website.

Take our security preview now

Cross-Site Scripting Attacks - a Perennial Problem

Cross site scripting attacks can compromise major websites like Twitter, Facebook and YouTube. These attacks are such a perennial problem that they consistently rank in the Top 10 vulnerabilities as identified by the Open Web Application Security Project (OWASP).Source

In the News:

Is it safer to use an app or a browser for banking? - The Guardian

22 Jun 2017
... tested 40 home banking apps and found that 90% included insecure links (ones that didn't use SSL), 40% didn't check the validity of SSL certificates, 50% were vulnerable to cross-site scripting, and 40% were vulnerable to man in the middle attacks.

Weak Development Security Exposes Web Apps to Cyber-Attacks - eWeek

17 Jun 2017
While more than 494,000 cross-site scripting (XSS) attacks were attempted, for example, only 0.0001 percent of the attacks actually succeeded in changing browser content and required a response. “It is not helpful to identify those half-million attack ...

XSS Just One Part of Broad Application Threat Landscape: Report - Web Host Industry Review

16 Jun 2017
Only one out of 1,000 cross-site scripting attacks (.001 percent) progress and require a security response, according to research released Tuesday by application security company tCell. The State of In-Production Application Security report, drawn from ...

More »