存储的 xss 和反射的 xss 有什么区别? [英] What is the difference between stored xss and reflected xss?

问题描述

我无法理解存储的 xss 和反射的 xss 之间的区别是什么.能举个例子吗?

I was not able to understand what the difference between stored xss and reflected xss is. Can you tell me with an example?

推荐答案

Stored XSS 意味着某些 持久性 数据(通常存储在数据库中)没有在页面中清理，这意味着每个人都可以受漏洞影响.例如，想象一个论坛，用户发布的答案不会被转义.如果有人发布带有一些 HTML 的主题，那么访问该主题页面的每个人都会受到影响！风险通常很重要，因为它会影响所有用户并且可以迅速传播(典型的例子是 Myspace XSS 蠕虫，在 20 小时内影响了 100 万用户).

Stored XSS means that some persistant data (typically stored in a database) are not sanitized in a page, which implies that everyone can be affected by the vulnerability. For example, imagine a forum where users' answers posted are not escaped. If someone posts a topic with some HTML on it, everyone that goes to the topic page will be affected! The risks can generally be important, since it affects all users and can widespread rapidly (a typical example is Myspace XSS worm which impacted one million users in 20 hours).

相反，反射型 XSS 意味着非持久性数据(通常是客户端通过表单提交提供的数据)不会被转义.例如，想象一个搜索引擎，在结果列表页面中，您的搜索关键字被重新显示(而不是清理).然后，您可以将 html 放在您的研究中，它将被执行.虽然此漏洞的风险不那么明显，但由于它只影响进行注入的用户，因此它也可能是一个问题.例如，如果恶意用户向受害者发送带有注入内容的链接，然后受害者点击该链接.

Reflected XSS, on the contrary, means that non-persistent data (generally data provided by the client through form submission) are not escaped. For instance, imagine a search engine where in the results list page, your search keywords are redisplayed (and not sanitized). You could then put html on your research and it will be executed. While the risks of this vulnerability are less obvious, since it only affects the user who made the injection, it can be a problem too. For example if a malicious user sends a link with the injection on it to a victim, and the victim clicks on the link.

这篇关于存储的 xss 和反射的 xss 有什么区别?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！