Cross Context Scripting
Variants:
Direct Persistent Session
Vector Type:
Attack
Relevance:
Generic
Layer:
Custom Browser Extension, Browser
Platforms:
Any
Target Type:
Application
Affected Mechanisms:
Input Validation, Syntax Escaping, Output Encoding
Invented In:
08/09/2006
Added In:
25/12/2014
Quick Introduction to the Topic:
Vector Operation Method:
A cross site scripting attack injected into a trusted zone in the browser, either in browser management features or in custom extensions.
