Types of XSS Client Side Attacks
Client-side attacks include:
Cross-Site Request Forgery, which attackers can exploit when a user is already logged into a service.
Clickjacking, which tricks a user into following a disguised toxic link.
Cross-Site Request Forgery (XSRF) attacks get the user to follow a link on a site that they are logged into, and the attacker takes advantage of the resulting action.
It could be a link from the user's bank account to the attacker.
If the user is logged into a site that is not well enough defended against this attack, the action can be executed and exploited by the attacker without the user knowing it.
Clickjacking attacks trick the target user into clicking a toxic link. The link can be disguised to look like a legitimate link.
This way attackers can steal session IDs stored in the browser and log in to a legitimate system.
Protection against these types of attacks is done with server-side defenses.
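
One way such server-side defenses can look, as an added example that is not part of the original page: a per-session anti-forgery token checked on every state-changing request (against XSRF) and anti-framing response headers (against clickjacking). The function names, the `csrf_token` form field and the session IDs are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: per-application secret, generated here so the example runs offline.
SERVER_SECRET = secrets.token_bytes(32)

# Anti-framing headers: the browser refuses to render the page inside another
# site's frame, which is what a clickjacking page relies on.
ANTI_FRAMING_HEADERS = {
    "X-Frame-Options": "DENY",
    "Content-Security-Policy": "frame-ancestors 'none'",
}


def _mac(session_id: str, nonce: str) -> str:
    msg = f"{session_id}!{nonce}".encode()
    return hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()


def issue_csrf_token(session_id: str) -> str:
    """Return a token tied to one session; the server embeds it in that user's forms."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"


def token_is_valid(session_id: str, token) -> bool:
    nonce, sep, mac = (token or "").partition(".")
    if not sep:
        return False
    # Constant-time comparison of the recomputed MAC with the submitted one.
    return hmac.compare_digest(_mac(session_id, nonce).encode(), mac.encode())


def handle_request(method: str, session_id: str, form: dict):
    """Hypothetical handler: returns (status, headers) for a logged-in user."""
    state_changing = method not in ("GET", "HEAD", "OPTIONS")
    if state_changing and not token_is_valid(session_id, form.get("csrf_token")):
        # The session cookie arrived, but the request did not come from our form.
        return 403, dict(ANTI_FRAMING_HEADERS)
    return 200, dict(ANTI_FRAMING_HEADERS)


if __name__ == "__main__":
    # Constructed sample requests for session "sess-A".
    good = issue_csrf_token("sess-A")
    print(handle_request("POST", "sess-A", {"csrf_token": good})[0])  # site's own form
    print(handle_request("POST", "sess-A", {"amount": "100"})[0])     # request without token
```

A request triggered from another site carries the user's session cookie but cannot supply the token, so the server rejects it even though the user is logged in.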