Client-Side Attacks
Injection attacks: A common security exploit that can occur in software development and runs rampant on the web, where an attacker injects malicious code
Cross-site scripting (XSS): A type of injection attack where the attacker can insert malicious code and target the user of the service
- XSS attacks are a common method to achieve a session hijacking.
- It would be as simple as embedding a malicious script in a website and the user unknowingly executes the scripts in their browser.
- The script could then do malicious things like steal a victim’s cookies and have access to a log into a website cookies.
SQL Injection Attack: An attack that targets the entire website if the website is using a SQL database
- Attackers can potentially run SQL commands that allow them to delete website data, copy it and run other malicious commands.