> For the complete documentation index, see [llms.txt](https://ret2basic.gitbook.io/ctfnote/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://ret2basic.gitbook.io/ctfnote/web/cross-site-scripting-xss/reflected-xss.md).

# Reflected XSS

## What is Reflected XSS?

**Reflected XSS** arises when an application receives data in an HTTP request and includes that data within the immediate response in an unsafe way. Suppose a website has a search function which receives the user-supplied search term in a URL parameter:

```uri
https://insecure-website.com/search?term=gift
```

The application echoes the supplied search term in the response to this URL:

```markup
<p>You searched for: gift</p>
```

Assuming the application doesn't perform any other processing of the data, an attacker can construct an attack like this:

```uri
https://insecure-website.com/search?term=<script>/*+Bad+stuff+here...+*/</script>
```

This URL results in the following response:

```markup
<p>You searched for: <script>/* Bad stuff here... */</script></p>
```

## Finding Reflected XSS

## Reference

{% embed url="<https://portswigger.net/web-security/cross-site-scripting/reflected>" %}
What is reflected XSS? - Web Security Academy
{% endembed %}
