
The Ultimate Guide to Finding and Escalating XSS Bugs | @Bugcrow

Cross-Site Scripting (XSS) is the most common vulnerability discovered on web applications. It occurs when an attacker is able to execute client-side JavaScript in another user’s browser. 

XSS is a very interesting and dynamic bug class for a number of reasons.

  • The severity can range anywhere from informative to critical, depending on the application and context
  • It can result in remote command execution in some contexts
  • Due to the dynamic nature of the bug class, it is difficult to prevent from a development standpoint
  • More complex XSS vulnerabilities are mostly missed by automated tooling

Gaining an XSS on a vulnerable application may give an attacker the ability to:

  • Steal session tokens, giving them full control of the user’s session
  • Bypass Same Origin Policy (SOP), allowing them to perform sensitive actions as if they were logged in as the victim user
  • Exfiltrate information that is viewable by the victim user, for example

In a worst case scenario, the vulnerability may be chained as a worm to affect users exponentially, as demonstrated here and here.  
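The mechanism behind the bug class, as an added example that is not part of the original post: a reflected sink that concatenates a user-controlled name into markup, the same template with output encoding for the HTML body context, and a crude check for tags the template never emitted. The greeting page, its `name` parameter and the sample input are assumptions constructed for the demo.

```javascript
// Added example (not from the original post): a reflected-XSS sink and its fix.
// Assumes a page greets the user by echoing a "name" query parameter into HTML.

// Minimal entity encoding for text placed inside an element body.
// Attribute, URL and JavaScript contexts need their own encoders; context matters.
function escapeHtml(untrusted) {
  return String(untrusted)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#x27;");
}

// Vulnerable: untrusted input is concatenated straight into markup, so any tag
// or attribute it carries becomes part of the page and runs in the user's browser.
function renderGreetingVulnerable(name) {
  return `<h1>Hello, ${name}!</h1>`;
}

// Hardened: the same template, with the input encoded for the HTML body context.
function renderGreetingSafe(name) {
  return `<h1>Hello, ${escapeHtml(name)}!</h1>`;
}

// Demo-grade detection: does the rendered output contain a tag the template
// itself never emitted? A production check would use a real HTML parser.
function containsInjectedTag(html, allowedTags) {
  const tags = [...html.matchAll(/<\/?([a-zA-Z][a-zA-Z0-9]*)/g)]
    .map((m) => m[1].toLowerCase());
  return tags.some((t) => !allowedTags.includes(t));
}

// Constructed sample input: the kind of value a user can place in a URL parameter.
const untrustedName = "<script>alert(1)</script>";
```

Running both renderers over `untrustedName` shows the vulnerable output gaining a `script` element while the hardened output keeps the input as inert text.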


Posted by SH
