Client-Side Attacks

Injection attacks: A common security exploit that can occur in software development and runs rampant on the web, where an attacker injects malicious code

Cross-site scripting (XSS): A type of injection attack where the attacker can insert malicious code and target the user of the service

  • XSS attacks are a common method to achieve a session hijacking.
  • ​It would be as simple as embedding a malicious script in a website and ​the user unknowingly executes the scripts in their browser.
  • ​The script could then do malicious things like steal a victim’s cookies and ​have access to a log into a website cookies.

SQL Injection Attack: An attack that targets the entire website if the website is using a SQL database

  • ​Attackers can potentially run SQL commands that allow them to delete website data, ​copy it and run other malicious commands.