DEV Community

Discussion on: Explain Cross Site Scripting(XSS) attacks like I'm Five

faradayyg profile image
Friday Godswill

Say you live in an apartment, and you have an air conditioner. This air conditioner has a remote control which you use to regulate the temperature. But there's a problem. Your next door neighbour Samantha, has the same air conditioner, with the same remote. Which means Samantha could easily control your room temperature with her own remote if she was close enough. But Samantha isn't the only one with the same remote control. Pretty soon you find out the entire neighbourhood has the same remote. Troublesome isn't it?

Let's assume your house is a website, and your air conditioner is the front end. XSS can be likened to a situation where Samantha or any of your 100 neighbours use their own remote controls to manipulate your air conditioner without your permission.