XSS攻击：跨站脚本攻击(Cross Site scr ipting)，对于跨站脚本攻击，黑客界共识是：跨站脚本攻击是新型的“缓冲区溢出攻击“，而Javascr ipt是新型的“ShellCode”。

XSS攻击的危害包括

　　1、盗取各类用户帐号，如机器登录帐号、用户网银帐号、各类管理员帐号

　　2、控制企业数据，包括读取、篡改、添加、删除企业敏感数据的能力

　　3、盗窃企业重要的具有商业价值的资料

　　4、非法转账

　　5、强制发送电子邮件

　　6、网站挂马

7、控制受害者机器向其它网站发起攻击-XSS Attacks: Cross Site scr ipting attacks (Cross Site scr ipting), the hacker community consensus for cross-site scr ipting attacks: cross-site scr ipting attack is a new type of " buffer overflow attacks, while Javascr ipt is a new type of"　ShellCode. XSS attacks hazards include the ability to steal all kinds of user accounts, such as machine login account, users of online banking account, the various administrator account 2, control corporate data, including read, tampering, add, delete sensitive corporate data theft of important information with commercial value, illegal transfer 5 mandatory Email, Web site linked to horse control of the victim machine to attack other sites