Summary:
- Cross-Site Scripting (XSS) is a type of cyber attack where malicious scripts are injected into web pages, allowing attackers to gain access to sensitive information or take control of the user's browser.
- Stored XSS occurs when user input is not properly sanitized and is stored on the server, then displayed to other users without being properly encoded.
- DOM-based XSS happens when user input is not properly sanitized and is used to modify the Document Object Model (DOM) of a web page, allowing an attacker to execute malicious scripts.
- Blind XSS is a type of XSS attack where the attacker's payload is not immediately visible on the page, but is triggered by a user's interaction with the page.
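
The stored XSS case described above, as an added example that is not part of the original summary: input is stored as submitted, then rendered once without encoding and once with HTML output encoding. The in-memory `comments` array, the function names and the sample comments are all hypothetical and constructed for illustration.

```javascript
// Characters that are significant in HTML text and quoted attribute values.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Output encoding for the HTML body / quoted-attribute context only.
// Other contexts (inline script, URLs, CSS) need their own encoders.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Stand-in for the server-side store: input is kept exactly as submitted.
const comments = [];
function saveComment(author, body) {
  comments.push({ author, body });
}

// Vulnerable rendering: stored input is concatenated straight into markup,
// so every later viewer's browser parses it as HTML.
function renderUnsafe() {
  return comments.map((c) => `<li><b>${c.author}</b>: ${c.body}</li>`).join('\n');
}

// Hardened rendering: every stored field is encoded at output time,
// so the browser displays it as text instead of parsing it.
function renderSafe() {
  return comments
    .map((c) => `<li><b>${escapeHtml(c.author)}</b>: ${escapeHtml(c.body)}</li>`)
    .join('\n');
}

// Review check: report any tag in the output other than the template's own <li>/<b>.
function containsForeignMarkup(html) {
  return /<(?!\/?(li|b)>)/.test(html);
}

// Constructed sample input: one ordinary comment, two carrying markup.
saveComment('alice', 'Nice post & thanks!');
saveComment('mallory', '<script>alert(1)</script>');
saveComment('bob"', '<img src=x onerror=alert(1)>');

console.log('unsafe output has foreign markup:', containsForeignMarkup(renderUnsafe()));
console.log('safe output has foreign markup:  ', containsForeignMarkup(renderSafe()));
console.log(renderSafe());
```

Encoding at output time, rather than only sanitizing at input time, also neutralizes entries that were already stored before the fix was deployed.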