Title
Not Logged In [Login Now]

Cross_Domain_Scripting

Low Severity
Definition ID 203, Last Updated Nov 26th 2010, 12:03 p.m. (Revision 4)

Synopsis

Detects a cross-domain script

Description

This definition detects scripts loaded by a different domain. A cross-domain script is not necessarily malicious but are frequently used by attackers to compromise website users' and is oftentimes used to perform malware distribution.

This definition can set a baseline such that it will ignore scripts for domains that are approved, only alerting when new scripts are detected for other domains.

Note that this definition will ignore scripts loaded from sub-domains.

Definition Code