Cross Site Scripting (XSS) Vulnerabilities..

Hi ppl.. I was searching and working with some Cross Site Scripts (XSS) on past few weeks. So I'm interesting to give a brief idea about XSS Vulnerabilities of websites and mail accounts ..

By the way,, What is XSS??? What kind of things XSS can do???
XSS stand for cross-side scripting and you can do many things when you get to know about XSS.. For example you can login to someones mail account, destroy a website or do what ever things you want in a website.

Cross-site scripting is an attack that takes advantage of a Web site vulnerability in which the site displays content that includes unauthorized user-provided data. For example, an attacker might place a hyperlink with an embedded malicious script into an online discussion forum. That purpose of the malicious script is to attack other forum users who happen to select the hyperlink. For example it could copy user cookies and then send those cookies to the attacker.Sometimes attacker will send you a mail included with a malicious script. When you open it the script will execute and steal your cookie.

Different types of XSS attacks

1. DOM based or local XSS
-Precondition: the vulnerable page uses data from the document.location, document.URL or document.referer properties in an insecure manner.
-The payload is never located in the html but in the URL. Thus also works with static pages.
-Only works with browser which do not modify the URL characters (of course IE 6.0 does not...)
-Used with social-engineering.

2. Non-persistent or reflected XSS
-Such holes show up when data provided by a web client is immediately used by the server to generate a page of result.
-Payload vector: mostly malicious URLs/links
-Used with social engineering.

3. Stored, persistent or second-order XSS
-The payload is stored on the server.
-Used with or without social engineering.