XSS Notes

Most Common Locations for XSS Vulnerabilities

• Search fields that echo a search string back to the user

• Input fields that echo user data

• Error messages that return user supplied text

• Hidden fields that contain user supplied data

• Any page that displays user supplied data

• • Message boards

  • Free form comments

• HTTP Headers

What can XSS Do?

• Steal session cookies

• Create false requests

• Create false fields on a page to collect credentials

• Redirect a page to a "non-friendly" site

• Create requests that masquerade as a valid user

• Steal confidential information

• Execute malicious code on an end-user system (active scripting)

• Insert hostile and inappropriate content

Types of XSS

Reflected

• Malicious content from a user request is displayed to the user in a web browser

• Malicious content is written into the page after server response

• Social Engineering is required

• Runs with browser privileges inherited from user in browser

DOM-based (also technically reflected)

• Malicious content from a user request is used by client-side scripts to write HTML to its own page

• Similar to reflected XSS

• Runs with browser privileges inherited from user in browser

Stored or Persistent

• Malicious content is stored on the server (in a database, file system, or other object) and later displayed to user in a web browser

• Social engineering is not required

CVE-2021–43633Medium

Cross-Site Scripting (XSS) Cheat Sheet - 2022 Edition | Web Security AcademyWebSecAcademy

https://www.owasp.org/index.php/Top_10-2017_A7-Cross-Site_Scripting_(XSS)www.owasp.org

XSS game

https://github.com/pgaijin66/XSS-Payloads/blob/master/payload/payload.txt https://github.com/payloadbox/xss-payload-list/blob/master/Intruder/xss-payload-list.txt https://github.com/RenwaX23/XSS-Payloads/blob/master/Payloads.txt