Example of a cross site scripting
<A
HREF=http://legitimateSite. com/registration.cg i?clientprofile =<SCRIPT>malici ous
code</SCRIPT>>Click here</A>
fine the script is malicious, but it is web servers' responsibility for
such a script is being hosted by web server.
Also the script could also be hosted at another web server, but in this
scenario also it is the legitimate site's responsibility to make sure
that all content hosted or content being referenced from other third
party websites is checked.
Please let me know if my understanding of the above two scenarios is
correct.
<A
HREF=http://legitimateSite. com/registration.cg i?clientprofile =<SCRIPT>malici ous
code</SCRIPT>>Click here</A>
fine the script is malicious, but it is web servers' responsibility for
such a script is being hosted by web server.
Also the script could also be hosted at another web server, but in this
scenario also it is the legitimate site's responsibility to make sure
that all content hosted or content being referenced from other third
party websites is checked.
Please let me know if my understanding of the above two scenarios is
correct.