reflected-xss – Page 3 – WindowsTechs.com

XSS payload to Send request to server without closing tag

Posted on August 17, 2022 by ShellyShubh Dev

I was testing a website which does not have XSS in their scope. So I thought it would be a good idea to escalate XSS to a bug which is valid. I need to make a request to my server but the problem is closing tag > or forward slashes / ar… Continue reading XSS payload to Send request to server without closing tag→

Difference Between Reflected XSS and Reflected-DOM XSS

Posted on August 12, 2022 by NoPurposeInLife

What’s the difference between Reflected XSS (RXSS) and Reflected-DOM XSS (RDOMXSS)? After some research, I think it can be concluded that Reflected-DOM XSS is:
Similarities:

The value is reflected by the target application

Characteristic… Continue reading Difference Between Reflected XSS and Reflected-DOM XSS→

Need for URL encoding in XSS / CORS lab

Posted on June 30, 2022 by Voyyce

I am doing one of Portswigger’s labs on web security, specifically CORS (cross origin resource sharing). I am having trouble understanding why there is a need for URL encoding certain parts of the XSS payload.
As a brief summary, the lab i… Continue reading Need for URL encoding in XSS / CORS lab→

Is it possible to get xss in json body request?

Posted on June 24, 2022 by B3ingN00b

I was doing a VAPT assessment in which I see some JSON body in the request which has orgid deviceid
So there any possibility to get XSS in json body?

Continue reading Is it possible to get xss in json body request?→

Parameter vulnerable for HTML injection but cannot exploit because of URL encoding

Posted on June 19, 2022 by Ugroon

I found a HTML injection vulnerability but there is an issue.
The following request returns the following:
curl "https://redacted.com/xss/para?meter="><h1>Test\</h1>"<meta name="url:url" content=&… Continue reading Parameter vulnerable for HTML injection but cannot exploit because of URL encoding→

portswigger Lab – Reflected XSS into HTML context with most tags and attributes blocked

Posted on June 16, 2022 by Juan

I am busy with the portswigger lab studies, doing "Reflected XSS into HTML context with most tags and attributes blocked".
I successfully fire the print() on myself and the simulated victim, but for extra practice in preparing fo… Continue reading portswigger Lab – Reflected XSS into HTML context with most tags and attributes blocked→

XSS – Anyway to bypass double quotes in href of anchor?

Posted on May 1, 2022 by PradyumanDixit

I have an anchor that has href attribute populated by my input. I am trying to input javascript, but it always renders it useless since it always appears between double quotes.
So far, I have tried many inputs including:
javascript:alert(1… Continue reading XSS – Anyway to bypass double quotes in href of anchor?→

Explotation of reload/redirect through javascript

Posted on April 15, 2022 by John

While working on a site (https://website.com/site/site.apexp) the site redirects through a javascript function:
<html>
<script>
function redirectOnLoad() {
var escapedHash = ”;
var url = ‘https://website.com/s/login?ec… Continue reading Explotation of reload/redirect through javascript→

How to bypass server-side URL encoding ? [Firing-Range automation]

Posted on April 10, 2022 by arkaprabha17

I’m trying to make an automated XSS detection toolkit for myself and I’m using google’s firing range for testing it. For this particular case of escaped XSS in HTML context https://public-firing-range.appspot.com/escape/serverside/encodeUr… Continue reading How to bypass server-side URL encoding ? [Firing-Range automation]→

setAttributeNS XSS Vulnerability

Posted on March 9, 2022 by Arturo Martinez

Im fixing some security issues that AppScan found on my Angular Application, one of them is the insecure use of "setAttributeNS()"
I use this method in my application to inject some namespaces in the correct htmlElemnt
I have rea… Continue reading setAttributeNS XSS Vulnerability→