Which of the following is the primary goal of a

Solution

A Cross-Site Scripting (XSS) attack exploits vulnerabilities in web applications to inject malicious scripts (typically JavaScript) into a website. These scripts are then executed in the browsers of users who visit the compromised website. The attacker may use this method to steal session cookies, hijack user accounts, deliver malware, or execute phishing scams. XSS can occur due to improper input validation or inadequate sanitization of user-supplied data. For instance, an attacker might input a malicious script in a comment section, and when other users view the page, their browsers execute the script unknowingly. XSS impacts user security and trust significantly. Why Other Options Are Incorrect :

1. Alter server-side data without authentication : This describes Injection Attacks , not XSS.
2. Deny legitimate users access to a website : This is the goal of DDoS attacks , not XSS.
3. Crack user credentials using repeated attempts : This describes Brute Force Attacks , not XSS.
4. Exploit a website’s server to inject malicious database queries : This describes SQL Injection , not XSS.