Cross-site Scripting (XSS)


During the scan, Kayran managed to find an XSS vulnerability,

Cross-site Scripting (XSS) is a security vulnerability in web applications that is caused by not validating inputs from the user, which could allow an attacker to inject malicious JavaScript code. If the website lacks proper data sanitization, attackers often preform XSS attacks by sending malicious links to the user and enticing the user to click it.

Cross-site scripting vulnerabilities usually allow an attacker to impersonate as a victim user. The malicious link executes the attacker’s chosen code on the user’s system which could allow the attacker to steal the user’s active session cookie.

XSS have 3 different situations but all of them require 1 important condition which is reflection.
Self XSS –
The first and the less unharmful XSS attack is by explointing an XSS only in the side of the attacker without the abillty of infecting others.
this situation does need to be fixed but cannot cause any damage by herself alone.

Reflected XSS –
As mentioned earlier, the very import condition of XSS to exist is the reflection on the page. So, reflected XSS take advantage from that idea.
for example: if url of search page in a site will be – and an attacker will found that the parameter query does have a reflection in the site, an attacker might found place of reflection without validation and preform the XSS right there, with that being done he will be able to infect other users and computer by just sending them the link with the malicious code.

Stored XSS –
Stored XSS is the most harmful situations of all three. An attacker will preform it in place like comment section or post publishing.
it will infect other users by seeing the post or the comment with the JavaScript code injected by the attacker.


Average Score – 9.0 High


Sanitizing user input

Input sanitization is a measure of checking, cleaning, and filtering data inputs from any unwanted characters and strings to prevent the injection of harmful codes into the system. From the user’s browser, data input travels through GET request, POST request, and cookies, hackers can manipulate the data that is being sent. 

This can be done in three ways:

  • Whitelist sanitizing
    Allows only valid characters and code strings.
  • Blacklist sanitizing
     Cleaning the input by removing any unnecessary characters.
  • Escape sanitizing
     Refuse invalid data requests in order not to be seen as codes.


< Return to all Vulnerabilities

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

Read More »