Open + Connected

Session Details

Cross-site Scripting: What Is It, and How Can You Protect Your Site from Becoming a Victim?

TPR5 Technical: Propeller Hats Required Track



Cross-site scripting (also referred to as XSS) is still the number one form of Web attack. From government websites to Google and Apple, it seems that no one is immune. In my presentation, we’ll explore what cross-site scripting is, how an attack occurs, and demonstrate a live exploit. We’ll then discuss why cross-site scripting can be damaging for a website, and we’ll look at methods one can use to prevent a cross-site scripting attack.


Paul Gilzow
Programmer/Analyst-Expert, University of Missouri

Paul Gilzow has been a Web applications programmer for the University of Missouri for the past six years. He currently works for the department of Web Communications. Certified by the SANS Institute in Web Application Security (GWAS), Paul frequently works with the campus IT security department to deliver presentations to fellow developers.