跨站点脚本攻击带来了巨大的风险。
这个安全限制是为了避免跨站点脚本攻击(XSS)。
This security restriction is to avoid cross-site scripting attacks (XSS).
该脚本容易受跨站点脚本攻击,因为它盲目输出所提交的表单数据。
This script is vulnerable to cross-site scripting attacks because it blindly prints out submitted form data.
跨站点脚本攻击使黑客能够将恶意脚本嵌入到访问者的浏览器中,然后执行该脚本收集数据。
Cross-site scripting attacks allow hackers to embed a malicious script on your visitor's browser and then execute the script in order to gather data.
AjaxChat还具有安全性,能够防止代码注入、SQL注入、跨站点脚本攻击、会话偷窃以及其他攻击。
Ajax Chat has security in mind to prevent code injections, SQL injections, cross-site scripting, session stealing, and other attacks.
Jacob对其中的一些弱点给出了示例,像跨站点脚本攻击(XSS)、跨站点伪造请求(CSRF)、HTTP响应分割、会话固定攻击以及SQL注入攻击等等。
Jacob gave examples of some of the vulnerabilities like Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), HTTP Response Splitting, Session Fixation, and SQL Injection.
可编辑数据验证——为了去除跨站点脚本和SQL注入攻击,HDIV分析所有的可编辑数据域。
Editable Data Validation - HDIV analyzes all editable fields to remove cross-site scripting and SQL injection attacks.
本文中,我们讨论了攻击者如何使用跨站点脚本编制作为对网站发动攻击的技术。
In this article, we discussed how attackers use cross-site scripting as a technique to launch attacks against Web sites.
当攻击者知道某一网站上的应用程序易受跨站点脚本编制攻击后,他就可以规划攻击。
After an application on a Web site is known to be vulnerable to cross-site scripting, an attacker can formulate an attack.
商业站点上每月都会发现跨站点脚本编制的攻击,并且每月都会发布解释这种威胁的报告。
Every month cross-site scripting attacks are found in commercial sites and advisories are published explaining the threat.
在扫描阶段,攻击者可能会利用路径遍历和跨站点脚本;在攻击阶段,黑客可能会利用SQL注入或远程文件包含进行攻击。
An attacker may use directory traversal and cross-site ccripting during a scan phase and then hit it with an SQL injection or an RFI in the exploit phase.
当攻击者向用户提交的动态表单引入恶意脚本时,就会产生跨站点脚本(XSS)攻击。
When an attacker introduces a malicious script to a dynamic form submitted by the user, a cross-site scripting (XSS) attack then occurs.
这可以防止跨站点脚本,一个令人讨厌的攻击方法。
这可以防止跨站点脚本,一个令人讨厌的攻击方法。
应用推荐