How do you perform on a test that checks your vulnerability to a cross-site scripting attack and malicious code injection?

How are we testing?:

This test visits a Zscaler CDN website that simulates a compromise by malicious code and checks to see if it would have been able to compromise your web browser.

Why is this test important?:

Cross-site scripting (XSS) attacks inject malicious code into an otherwise legitimate site. An XSS attack can steal web visitors' credentials and session keys (e.g. passwords and other sensitive data) and tarnish the reputation of the compromised website.

Take our security preview now

Cross-Site Scripting Attacks - a Perennial Problem

Cross site scripting attacks can compromise major websites like Twitter, Facebook and YouTube. These attacks are such a perennial problem that they consistently rank in the Top 10 vulnerabilities as identified by the Open Web Application Security Project (OWASP).Source

In the News:

Safeguarding the Crown Jewels from Cyber-Attack - Infosecurity Magazine

24 Jul 2017
Popular techniques include cross-site scripting (XSS), where malicious code is injected into a trusted website and 'click-jacking', concealing hyperlinks beneath legitimate clickable content which, when clicked, causes a user to unknowingly perform ...

Why WebCrypto Encryption Matters: Apple's Argument for Ditching Older Methods - The Mac Observer

21 Jul 2017
This lends itself to an extreme vulnerability, because those JavaScript resources are exposed at runtime and could be attacked – the keys can be stolen by skillful hackers. We call this an XSS, or cross-site scripting attack. Such an attack happens ...

A Primer on Cross-Site Scripting (XSS) - Security Intelligence (blog)

10 Jul 2017
Cross-site scripting (XSS), which occurs when cybercriminals insert malicious code into webpages to steal data or facilitate phishing scams, has been around almost since the dawn of the web itself. Although it is an ... If you need further convincing ...

More »