Questions tagged [reflected-xss]

84 questions
1 vote, 1 answer

Reflected XSS monitoring

There is a lot of information on how to avoid or detect XSS, but I couldn't find much information on how to monitor for reflected XSS. Is there a way to automatically detect reflected XSS in my application's logs? My guess is that we can run a…
vybiar
1 vote, 1 answer

Demonstrating reflected XSS with GET Parameter and URL encoding

A client is developing a website which is vulnerable to reflected XSS through a GET parameter: https://example.com/vulnerable-url?")||true)alert("XSS"); I would like to demonstrate this vulnerability by providing a link like the above but…
user1330734
1 vote, 0 answers

CSS Injection without colon

I'm looking for a way to create a CSS injection proof-of-concept. I can insert the following and it gets reflected in the browser: The only issue is that the colon gets URL encoded, which prevents the CSS…
br0wnrice
1 vote, 2 answers

What are the common features to identify XSS attack from Apache log file?

I have tried some XSS vulnerabilities on web applications such as WebGoat, OWASP Mutillidae, bWAPP. I want to know the features/keywords/footprints of a cross-site scripting attack in an Apache log file and, from these footprints, it is possible to identify…
Shree
1 vote, 1 answer

How can I steal all cookies from reflected XSS?

I just found a website with an XSS vulnerability. When I visit the following URL, a pop-up occurs: https://example.com/article/HALLOWEEN"> I have a cookielogger.php on my server with this code, so that when I visit…
1 vote, 2 answers

XSS with URL encoding

If a website URL gets encoded then is the website still vulnerable to XSS or no? For example, if I try and the site URL encodes my payload to %3Cscript%3Ealert(1)%3C%2Fscript%3E does this mean the site is vulnerable to XSS…
Rifat Shommo
1 vote, 2 answers

Why is unsanitized output from ajax request bad?

I know what I just described is a reflected XSS vulnerability. What I can't figure out is why it is a vulnerability. Because the way I see it, a user can't be directed to the attacker's content because the AJAX is executed without a page refresh or…
1 vote, 1 answer

How to bypass response Location in order to obtain content XSS?

In some basic steps: POST Request containing a photo with multipart/form-data. HTTP/1.1 302 Found respond with redirect back to formular Redirect to initial formular. In case 1 we are able to control the filename allowing us to use any kind of…
Lucian Nitescu
1 vote, 0 answers

xsser fails to find easy XSS vulnerability (Web For Pentester)

I tried to evaluate the effectivity of xsser (http://xsser.03c8.net) by letting it run against the "Web For Pentester" XSS tests (https://pentesterlab.com/exercises/web_for_pentester/course) as it implements very easily exploitable XSS vulnerabilities…
user1192748
1 vote, 2 answers

Is all reflected XSS bad?

I stumbled on a site today that was vulnerable to XSS. I was able to get an alert box to display via an input box and some JavaScript. I was about to report this to the site owner, but I realized there were no queries in the URL and this attack…
Guest123
0 votes, 2 answers

Why is an XSS payload in the address bar executed?

I was playing with OWASP Mutillidae II and in one page I've found a vulnerability. In the address bar I've written something like this: 127.0.0.1/.../?page=text-file-viewer.php/"> The alert box pops up, but I don't…
malloc
0 votes, 1 answer

Reflected DOM XSS Portswigger Lab

I'm a total beginner and I'm trying to solve Portswigger Academy labs. I'm studying XSS right now and I'm stuck somewhere. Lab Details: This lab demonstrates a reflected DOM vulnerability. Reflected DOM vulnerabilities occur when the server-side…
kgngkbyrk
0 votes, 1 answer

XSS payload to Send request to server without closing tag

I was testing a website which does not have XSS in their scope. So I thought it would be a good idea to escalate XSS to a bug which is valid. I need to make a request to my server but the problem is closing tag > or forward slashes / are escaped but…
0 votes, 1 answer

Is it possible to get XSS in JSON body request?

I was doing a VAPT assessment in which I see some JSON body in the request which has orgid deviceid So is there any possibility to get XSS in JSON body?
0 votes, 2 answers

Parameter vulnerable for HTML injection but cannot exploit because of URL encoding

I found an HTML injection vulnerability but there is an issue. The following request returns the following: curl "https://redacted.com/xss/para?meter=">

Test\

"
Ugroon