Content Injection

This attack goes hand-in-hand with XSS. This is usually accomplished by using a XSS vulnerability to inject an iframe that hosts malicious code.

These attacks will commonly be used to trick a user to connect to a machine controlled by an attacker.