JS
(quick guide & examples)
Simply put, users finding ways to insert or override the "original"Javascript with their own. Therefore, known as "Javascript Injection".
Most people will point to "do bad things" and "hacking". But no. Developers also sometimes do injection to test things out quickly.
Press F12 in most modern browsers to open up developer's console.
Open any webpage.
Enter your script in the console tab. For example, function foo () { alert(”bar”); }
Double click on the HTML, insert your own onclick=”foo()”.
Right-click on an element > Inspect.
Done. Click on the element.
Simply enter "javascript:YOUR-CODE-HERE" into the address bar.
For example, javascript:alert("hi!");
Just enter a <script> tag into a comment or review form. For example - Hi! <script>alert("Foo");</script>
Most modern websites have proper anti-injection measures (99% will not work).
Cross-site scripting- When you load the JS from another site <script src="http://site.com/hijack.js"></script>