Creation and Prevention of Persistent XSS Attack

Web applications are often vulnerable to attacks. Research data shows that over 80% of the applications are vulnerable to CROSS Site Scripting (XSS) attacks. It commonly targets scripts embedded in a page which are executed on client side (on the user's web browser) rather than on server side. It involves three parties-attacker, client and the website. The goal of XSS is to steal client cookies and any other sensitive information, which can identify the client with the website. There are two ways of XSS attack. Non-persistent (First Order or Reflected XSS) attack and Persistent (Second Order or Stored XSS) attack.