Cross-site scripting (also known as CSS, XSS) is a dangerous hacking script, its main source being web applications. Unauthorized users make their entrance to one’s system through these scripts and invade the access panels by impersonating the user and stealing their valued information from the system and tamper with their sessions.
There are three types of xss attacks. They are:
Non-persistent XSS, and
The hacker’s in-depth analysis in regards to invasion of systems is also possible by writing random HTML codes in the search bar of the website. If the website is weak, the ‘showing results’ page will return the results. HTTP referrer objects, GET parameters, POST parameters, window.location, document referrer and headers are known to be not secured in your system after these attacks.
The persistent and Non-persistent XSS deals with the destruction of a user’s website, stealing valued information of the users. These types of xss tempt the user to feed information to the pernicious site. In these cases, it’s easier for the victim, or at the same time, many victims, to fall prey to the infected codes by the attacker, normally guestbooks in an HTML webpage, and to some extent, blogs and conversation threads in a website.
Normally it works but, if it doesn’t, well, use different sites (like HTML, mentioned in the example above). You can observe the script being unsafe when the page and newlines contain bold text.