1, XSS hazards:
1, phishing, steal all kinds of user accounts
2, steal user cookies, in order to obtain user privacy information, or the use of user identity further perform operations on site
3, hijacking the user (browser) session to perform any of the following, for example: published logs, send messages and so on
4, forcing pop-up ad box, brush flow
5, pages linked to horse
6, malicious actions such as: tampering articles, delete articles
7, access to client information, to enhance the user permissions,
2, XSS vulnerability classification
1, reflective XSS
<PHP?
Echo $ _GET [ 'Key'];
?>
2, the storage-type XSS
3, type the DOM XSS
(learn javascript web scripting language)