XSS in Vue.js

XSS + Vue.js

There are cross-site scripting (XSS) possibilities combined with Vue, and they are being examined in the article XSS in Vue.js along with concerns that developers should have.

Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users.

What is an XSS?

An XSS attack injects malicious code into someone else’s web page. Below you will find an example of an XSS performed with Query.

query playground with XSS

Is Injecting HTML possible in newer frameworks? Injecting HTML is a feature available to any front end framework and used is by websites when part of the website HTML is generated by the server.

In this link you can find an example on how to perform XSS injection with Vue, Vux and Iview.

The author also addresses questions like Can we perform an XSS attack on Vue?, How can I avoid XSS attacks?, and more. If you are interested in security regarding Vue apps you can find more here.

This article was submitted on vuejsfeed.com originally hosted on https://blog.sqreen.io.