Reflected Cross-Site Scripting (Reflected XSS) Explained

👍👍👍 and subscribe for more reflected xss tutorials: https://www.youtube.com/channel/UC2vVVgKKzN-Gb_xeaUY0o-Q?sub_confirmation=1 Check out my best selling AppSec book: https://amzn.to/3pGO4Vz Check out my behind-the-scenes newsletter: https://www.andrewhoffman.me/newsletter/ Reflected Cross-Site Scripting (XSS) - also known as non-persistent XSS is a form of XSS where the cross-site component occurs temporarily as a result of user input being reflected into the DOM. In this case, the cross site scripting attack source is user input that typically occurs in an input or in a query param, and the sink is any type of JavaScript or DOM generation applied by the client (UI).