Cross-Site Scripting - Reflected DOM-XSS

General Reflected DOM-XSS Report Requirements

---

• Payloads should show access to the DOM when possible using document.domain or similar.

• Screenshots should include successful XSS execution.

• HTTP requests where payloads are sent are required.

• A full PoC should be included in the report.

• A snippet of the vulnerable code should be added to the Description section.

• If authentication is required, please include credentials in your first step.

• Please see the this article for more information regarding Reflected DOM-XSS

---

Template Contents

---

Title

Reflected DOM Based XSS on [SITE]

---

Description

Cross-Site Scripting (XSS) attacks involve the execution of untrusted user input in the context of an application. In this case, malicious input that is reflected may, on its own, be harmless until processed further by client side code that results in execution of malicious browser scripts. The following report will describe the Reflected DOM-XSS findings.

Vulnerable Code:

INSERT VULNERABLE CLIENT SIDE CODE HERE

---

Impact

XSS results in unauthorized code being executed/rendered by a user's browser. As a result the following may occur:

• Cookies can be stolen, leading to account takeover

• Untrusted code can modify the DOM environment and retrieve/modify various values

• Malicious execution of input can lead to a variety of other impacts

---

Recommended Fix

Some general rules provided by OWASP:

• Never insert untrusted data except in allowed locations

• HTML encode before inserting untrusted data into HTML element content

• Attribute encode before inserting untrusted data into HTML common attributes

• JavaScript encode before inserting untrusted data into JavaScript data values

• URL encode before inserting untrusted data into HTML URL parameter values

For more detailed information on these tips, visit the OWASP XSS Prevention cheat sheet HERE.

---