Questions tagged [xss]
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.
4,516
questions
0
votes
0
answers
12
views
How to properly validate and sanitize URL input using express-validator in an Express.js application?
I am working on an Express.js project where I need to validate and sanitize user inputs for creating menu and submenu items. I am using express-validator for validation. However, I am facing an issue ...
2
votes
1
answer
43
views
Django: Screening dangerous characters from text input [duplicate]
I have a Django app where a few of the forms support a text input with maximum lengths of either 50 or 250 characters. In all cases, the data entered will be stored in the backend DB and will be ...
-2
votes
0
answers
31
views
(Bug Hunting) Help to exploit an iframe hosted on the target host [closed]
i am new to bug hunting. then came across a webpage which i can modify the src of an iframe using inspect element of a browser. The test url that a put in the <iframe src="hxxp://xxx.test.com ...
0
votes
0
answers
36
views
How to protect against XSS attacks in Servant Framework?
I have an S2S API which takes in user input and some of that input later gets sent to the frontend. If the user data contains any html like <script> tags, I want to throw a Bad Request 400 ...
0
votes
1
answer
50
views
Is <textarea> .value Cross-Site Scripting (XSS) safe?
I am writing a static page for a tool: User pastes in base64 and it gets converted into plaintext. Not like it matters, but because the context is cryptographic, I want to prevent XSS.
I noticed ...
-2
votes
0
answers
60
views
Can CSS inject JS/Text/Elements without using url(), expression() or pseudo selectors?
Can I consider a CSS script or inline styling safe from injection if I parse the content and discard all pseudo-selectors any pair of css_property=value; when the value contains any of the keywords ...
-1
votes
1
answer
20
views
Ways to allow inline script for script-src CSP header without using nonce/hash/unsafe-inline
Is there any way that allows inline script for script-src CSP header without using nonce/hash/unsafe-inline ?
Since our project is huge and there are multiple areas where inline script is present
We ...
1
vote
1
answer
30
views
Service Stack - Security XSS Query following pentest
We recently had a penetration test done, and one of the "high" items was the fact that our servicestack API will reflect back user input unmodified to the caller. E.g. I can send some ...
0
votes
0
answers
15
views
Reflected XSS Cookie Grabbing for Internal application
I'm able to execute reflected xss on an internal application which does not have internet access. The developer is asking me to exploit the issue. he also assures that the session id is mapped to IP ...
0
votes
2
answers
50
views
Post raw HTML data via AJAX to server with ModSecurity
I have a website that uses jQuery ajax $.post to save html data to a PHP script.
The data for $.post is serialized textarea form data (where the user edits css, javascript & html).
All works well ...
-1
votes
0
answers
38
views
Escaping outputs by default? [duplicate]
We are using an MVC arch and using JSP for view. Our codebase is a bit old and not many people focused on using escapeXML or c:out tags in JSPs which is causing a lot of XSS vulnerabilities now. We ...
1
vote
1
answer
72
views
How could I escape a value in custom JSP tag handler? [duplicate]
This is one of my field in one of my jsp file:
<input class="form-input" id="login" type="text" name="login"
<c:choose>
<c:when test="${...
1
vote
1
answer
38
views
Why innerHTML injects data into page if it doesn't use append on body?
I encountered this seemingly safe function to extract text content from html
function getText(html) {
const div = document.createElement('div')
div.innerHTML = html
return div.textContent
}
It ...
0
votes
1
answer
46
views
Assigning window.open causes a DOMException
I have an iframe embedded in a different domain that opens up a popup window in a different domain. I am trying to establish cross window communication and running into a bunch of XSS security ...
-1
votes
1
answer
52
views
dangerouslySetInnerHTML not working with a <script>
I have the following code:
const Show = () => {
const dangerousMarkup = { __html: "<script>alert('ERROR');</script>" };
return (
div dangerouslySetInnerHTML={...