Cross-Site Scripting (XSS) is the most common vulnerability discovered in web applications. It occurs when an attacker is able to execute client-side JavaScript in another user’s browser.
XSS is a very interesting and dynamic bug class for a number of reasons.
- The severity can range anywhere from informative to critical, depending on the application and context
- It can result in remote command execution in some contexts
- Due to the dynamic nature of the bug class, it’s difficult to prevent from a development standpoint
- More complex XSS vulnerabilities will be mostly missed by automated tooling
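One reason the bug class is hard to prevent in development is that the correct defence depends on where untrusted data lands in the page. The block below is an added example, not code from the original post: it renders one untrusted record into three output contexts, each with its own encoder, and all function names and sample values are constructed for illustration.

```javascript
// Added example: context-aware output encoding. Names and inputs are constructed.

// HTML body and quoted-attribute context: neutralise markup metacharacters.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// URL attribute context (href): HTML escaping leaves "javascript:" intact, so
// parse the value and allow-list the scheme. Relative URLs are rejected here
// to keep the example small.
function safeHref(value) {
  let url;
  try {
    url = new URL(String(value));
  } catch {
    return "#";
  }
  const allowed = ["http:", "https:", "mailto:"];
  return allowed.includes(url.protocol) ? escapeHtml(url.href) : "#";
}

// Inline <script> data context: JSON-encode, then escape the characters that
// could close the script element or open an HTML comment.
function scriptJson(value) {
  return JSON.stringify(value)
    .replace(/</g, "\\u003c")
    .replace(/>/g, "\\u003e")
    .replace(/&/g, "\\u0026");
}

// One untrusted record rendered into three different contexts.
function renderProfile(user) {
  return [
    `<h1>${escapeHtml(user.name)}</h1>`,
    `<a href="${safeHref(user.website)}">website</a>`,
    `<script>window.__profile = ${scriptJson(user)};</script>`,
  ].join("\n");
}

// Constructed sample input.
const sample = { name: "<img src=x onerror=alert(1)>", website: "javascript:alert(1)" };
console.log(renderProfile(sample));
```

Note that `escapeHtml` returns `javascript:alert(1)` unchanged, which is why the link context needs the scheme check in `safeHref` rather than escaping alone.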
Gaining an XSS on a vulnerable application may give an attacker the ability to:
- Steal session tokens, giving them full control of the user’s session
- Bypass Same Origin Policy (SOP), allowing them to perform sensitive actions as if they were logged in as the victim user
- Exfiltrate information that is viewable by the victim user, for example
In a worst-case scenario, the vulnerability may be chained as a worm to affect users exponentially, as demonstrated here and here.