Accesing the server database using java script

Hi,


I need to confirm the security of my new system so that this needs to be tested for the XSS attacks. Is there a way that the client can access the server Database specially secure data by submitting a javascript through input fields?

If so, please be kind enough to tell me a way to test and confirm this.

re: Accesing the server database using java script

most likely you should be aware of SQL-injection when trying to secure your database - with XSS an attack is usually used to hijack user-information through modifying the page a user gets from your server, even though the injected JavaScript-Code might retrieve sensitive information from your database and send it to whereever ... just try to inject something. So the answer to your question is YES ... but i will not show you how to test it you might search the web and you will find enough to start an attack your own site to test it for yourself.

this forum will not provide any information, or guideline to do such things ... that potentially could be used for malicious attacks ...

kind regards