You are currently viewing Cross-Site Scripting | REFLECTED XSS

Cross-Site Scripting | REFLECTED XSS

Cross-site scripting is a classic well-known type of attack that is possible because some software applications take user input in an insecure way. This happens via search fields, survey forms, cookies, and online web forms.

Types → Reflected XSS, Stored XSS, and DOM XSS.

Reflected XSS → This attack occurs when a malicious script is reflected in the website’s results.

Payloads are:

'-alert("XSS")-'
'-alert(document.cookie)-'
'-alert(document.domain)-'
'-alert(document.location="http://www.bing.com")-'  |  (301 Moved Permanently)

Here comes the POC

Thanks for reading! I hope this helps,

happy learning buddies! 🙂

BOBBYTN

ℂ|𝔼ℍ𝕧𝟙𝟙 | 𝔹𝕦𝕘 𝕙𝕦𝕟𝕥𝕖𝕣 | ℂ𝕪𝕓𝕖𝕣 𝕊𝕖𝕔𝕦𝕣𝕚𝕥𝕪 ℝ𝕖𝕤𝕖𝕒𝕣𝕔𝕙𝕖𝕣 | 𝔼𝕥𝕙𝕚𝕔𝕒𝕝 ℍ𝕒𝕔𝕜𝕖𝕣 | 𝕄𝕒𝕤𝕥𝕖𝕣 𝕚𝕟 𝕊𝕠𝕔𝕚𝕒𝕝 𝔼𝕟𝕘𝕚𝕟𝕖𝕖𝕣𝕚𝕟𝕘...

Leave a Reply