When an attacker stores malicious script in the data supplied from a website's search or contact form, this is known as reflected cross-site scripting. A search form is a good example of mirrored cross-site scripting because it sends the visitor's search query to the server and only they see the result.
XSS that is reflected (AKA Non-Persistent or Type I)
XSS that has been saved (AKA Persistent or Type II)
XSS in the DOM (AKA Type-0)
An attacker injects malicious executable scripts into the code of a trusted application or website in a cross-site scripting (XSS) attack. An XSS attack is usually started by sending a malicious link to a user and tempting them to click on.
Injecting malicious code into a susceptible programme might exfiltrate data or install malware on the user's computer. Attackers can utilise session cookies to impersonate authorised users, allowing them to conduct any action permitted by the user account. XSS can potentially have a negative influence on a company's reputation.
Cyber Forensics Masterclass with Hands on learning