Questions tagged [dom]

4 votes
0 answers
102 views

XSS with failing method in the injected DOM within onclick

If I have a DOM XSS such as <button type="button" data-dismiss="modal" onclick="Register.search('{INJECTION_PAYLOAD}');"> Search </button> Where I could ...
joFriedley
2 votes
1 answer
850 views

Secure way to output encoding HTML for insert raw html via javascript

I want to be 100% secure, I create raw html this way: const template = document.createElement('template') template.innerHTML = html_raw const cloned = template.content.cloneNode(true) document....
The nothing
1 vote
0 answers
754 views

Client-side JavaScript injection by assigning the output of window.location.href.substr to a variable

Sample code: function winLoad() { var sessionId = ''; if (window.location == window.top.location) { var semicolonIndex = window.location.href.indexOf(';'); if (semicolonIndex !=...
jne
1 vote
1 answer
201 views

Javascript: How to check SHA of fetched script before executing

To save money and/or reduce system complexity, I am hosting a script on a server that I don't fully trust. My trust issue might be with the server itself, or the PKI setup on it. The reason doesn't ...
personal_cloud
1 vote
2 answers
512 views

Dom Clobbering methods on the document object

I'm struggling to understand how this flavor of dom clobbering actually works. The green box at the top of this section of the HTML spec makes it pretty clear why I can access HTML elements as global ...
user1131308
1 vote
1 answer
550 views

Reflected DOM XSS Portswigger Lab

I'm a total beginner and I'm trying to solve Portswigger Academy labs. I'm studying XSS right now and I'm stuck somewhere. Lab Details: This lab demonstrates a reflected DOM vulnerability. ...
kgngkbyrk
2 votes
2 answers
1k views

Difference Between Reflected XSS and Reflected-DOM XSS

What's the difference between Reflected XSS (RXSS) and Reflected-DOM XSS (RDOMXSS)? After some research, I think it can be concluded that Reflected-DOM XSS is: Similarities: The value is reflected by ...
NoPurposeInLife
0 votes
0 answers
108 views

Load url from CSS applied to element outside DOM

I was wondering if it's possible to kick off a network call by manipulating the style tag on an element outside the DOM (which could lead to potential SSRF if this were done server-side). I've tried a ...
winhowes
0 votes
1 answer
1k views

How to test an Angular SPA for DOM XSS with OWASP ZAP?

I want to test an Angular SPA for any DOM-based XSS. How do I do that with OWASP ZAP?
VJSpeter
0 votes
1 answer
738 views

DOM-based XSS - via URL

I have a website that I am testing but I am pretty new to all of this security stuff and would appreciate some help! I have a URL similar to the following: http://testurl?nexturl=whatever The ...
NewbieSec
0 votes
2 answers
479 views

Safely creating script tag and attaching to DOM

I have a need to create and attach a script tag to DOM at runtime. The script is a remote webpack bundle (via a Module Federation plugin). I would like to be able to change the URL to that hosted ...
HIT_girl
1 vote
0 answers
264 views

Webpack chunk loading mechanism and safety

I am trying to understand the mechanics of webpack's chunk loading. From what I understand, chunks are appended to DOM via javascript document.createElement("script") with script's src ...
HIT_girl
0 votes
0 answers
30 views

What's wrong with this XSS vector? [duplicate]

Payload: <DIV STYLE="background-image: url(javascript:alert('XSS'))"> Reference: http://seguretat.wiki.uoc.edu/index.php/XSS_Cheat_Sheet Can someone please explain why this payload is ...
Arun Joseph
0 votes
0 answers
498 views

prevent dom based - xss from js file in mvc

I'm using a free template as a front end in my application and the main JavaScript file came out as a high risk as it's vulnerable to DOM-based cross-site scripting. Is there a way to sanitize the ...
2766
0 votes
2 answers
622 views

Does CSP mitigate against client prototype pollution XSS and DOM XSS?

DOM XSS and client prototype pollution-based XSS have one thing in common, we are modifying the pre-existing JavaScript code to popup an alert(1). Will CSP mitigate XSS in this case? Theoretically, ...
Machinexa