Injection: XSS Injection

Identifier: xss_agent

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner, ASM Scanner

Description

Cross-site scripting (XSS) vulnerabilities occur when an application accepts and processes user-supplied data without adequately checking it first, so that the data ends up in the application's output unchanged. This oversight allows an attacker to insert harmful code, such as malicious scripts, into the application and trick it into running that code. If such a vulnerability is exploited, sensitive data could be stolen, sessions hijacked, or the application's behavior manipulated.
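The flaw described above, next to its fix, as an added example that is not from the original page and is not the scanner's own code. The function names, the page template and the probe value are hypothetical; the probe is benign, constructed markup used only to show whether input is reflected unencoded.

```javascript
// Added example: reflected output with and without HTML encoding.
// All names and the sample template are hypothetical.

const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode a value for HTML text and quoted-attribute contexts.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable: user input is concatenated into the markup as-is,
// so quotes and angle brackets in it become part of the page structure.
function renderUnsafe(query) {
  return `<p>Results for <span title="${query}">${query}</span></p>`;
}

// Hardened: every interpolated value is encoded before it reaches the page.
function renderSafe(query) {
  const q = escapeHtml(query);
  return `<p>Results for <span title="${q}">${q}</span></p>`;
}

// Regression check: true when a probe containing HTML metacharacters
// comes back in the response byte-for-byte, i.e. without encoding.
function reflectsMarkup(html, probe) {
  return /[<>"']/.test(probe) && html.includes(probe);
}

// Constructed, benign marker: breaks out of the attribute, adds a <b> tag.
const PROBE = '"><b id="probe-7f3a">x</b>';

console.log("unsafe reflects markup:", reflectsMarkup(renderUnsafe(PROBE), PROBE));
console.log("safe reflects markup:  ", reflectsMarkup(renderSafe(PROBE), PROBE));
```

This encoding covers HTML text and quoted attributes only; values placed inside script blocks, URLs or CSS need encoding specific to that context.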

Configuration

Example

Example configuration:

---
security_tests:
  xss_agent:
    skip: false

Reference

skip

Type: boolean

Skip the test if true.