forked from jaikishantulswani/bb-reports-templates
Post Based XSS
#Introduction
There is a POST-based XSS on <TargetURL> which can be used to run JavaScript inside the context of your domain.
#Description
I found an endpoint <TargetURL>
which takes the POST-based inputs email and password.
<Param1>
<Param2>
I noticed that the values of those inputs are reflected back into the values of JavaScript variables without any
validation, so one can perform POST-based XSS which will run within the context of your domain.
####Normal Request
```
```
####Normal Response
```
```
####Request-With-XSS-Payload
```
```
####Response-With-XSS-Payload
```
```
#How to Reproduce:
1-
2-
3-
#Scope of an Attack:
It affects both authenticated and unauthenticated users.
#Impact
The attacker could of course inject the above attack into his website and third-party application via a stored
XSS bug/malicious page. The form is submitted cross-domain (as in a cross-site request forgery attack), but the
resulting payload executes within the security context of the vulnerable application, enabling the full range of
standard XSS attack actions to be performed.
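
The reflection described above (a POST value copied unvalidated into a JavaScript variable) next to an encoded form of the same output, as an added example that is not part of the original template. The function names, the `email` variable and the sample value are assumptions constructed for illustration.

```javascript
// Added example (not from the template): a POST parameter rendered into an
// inline <script> block. All names here are hypothetical.

// Constructed sample input: closes the string literal and the script element.
const sampleEmail = '";</script><script>alert(document.domain)</script>';

// "Before": the value is concatenated into the JavaScript string as-is,
// which is the behaviour the Description section reports.
function renderVulnerable(email) {
  return '<script>var email = "' + email + '";</script>';
}

// Encode a value as a JavaScript string literal that is also safe inside an
// HTML <script> element: JSON.stringify handles quotes, backslashes and
// control characters; the replacements stop the HTML parser from seeing
// "</script>" or "<!--", and cover U+2028/U+2029 for older JS engines.
function jsStringLiteral(value) {
  return JSON.stringify(String(value))
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/&/g, '\\u0026')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

// "After": the value reaches the page only as an encoded literal.
function renderHardened(email) {
  return '<script>var email = ' + jsStringLiteral(email) + ';</script>';
}

// Helper for checking the result: how many script elements does the HTML open?
function countScriptTags(html) {
  return (html.match(/<script/gi) || []).length;
}

console.log(countScriptTags(renderVulnerable(sampleEmail)), 'script tags (unencoded)');
console.log(countScriptTags(renderHardened(sampleEmail)), 'script tag (encoded)');
```

The encoded literal decodes back to the original string at run time, so the application still receives the exact value the user submitted.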