👍👍👍 and subscribe for more DOM XSS tutorials: / @and1hof
Check out my best selling AppSec book: amzn.to/3pGO4Vz
Check out my behind-the-scenes newsletter: www.andrewhoff...
DOM-based cross-site scripting (DOM XSS) is a form of cross site scripting first noted by Amit Klein in July 2005 in his paper "DOM Based Cross Site Scripting or XSS of a Third King: A look at an overlooked flavor of XSS". In this paper, Amit argues that reflected typically refers to XSS that bounces off of a server, stored typically refers to XSS where the payload persists in a database - but there are also XSS attacks where the source and sink both reside inside of the browser and in the DOM. These attacks he denotes as DOM XSS.
Негізгі бет DOM-Based Cross-Site Scripting (DOM XSS) Explained
Пікірлер: 18