DOM XSS
The DOM (Document Object Model) is the hierarchical representation of an HTML page. DOM XSS is not persistent and the payload does not reach the back-end: it is executed client-side.
The concepts of Source and Sink are at the core of DOM XSS. The Source is the function or object that takes the user input (for example, a URL, an input field, etc.). The Sink, on the other hand, is the function that takes the user input and writes it to a DOM object on the HTML page.
A DOM XSS occurs when the user input taken from the Source is not properly sanitized before it reaches the Sink.
Sink
document.write()
DOM.innerHTML
DOM.outerHTML
jQuery write functions:
add()
after()
append()
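The following review aid is an added example, not code from the original page. It scans JavaScript source text for the sinks listed above and marks a hit as source-to-sink when the same line reads user-controlled input. The source patterns, the name auditSinks and the sample lines are assumptions made for illustration, and the matching is heuristic (for instance, .add( also matches non-jQuery code).

```javascript
// Added example: heuristic review aid, not a full taint analysis.
// SINKS are the ones listed on this page; SOURCE patterns are assumptions.
const SINKS = [
  { name: "document.write()", re: /\bdocument\.write\s*\(/ },
  { name: "innerHTML", re: /\.innerHTML\s*\+?=(?!=)/ },
  { name: "outerHTML", re: /\.outerHTML\s*\+?=(?!=)/ },
  { name: "jQuery add/after/append", re: /\.(add|after|append)\s*\(/ },
];
const SOURCE = /\b(location\.(hash|search|href)|document\.(URL|referrer))\b|\.value\b/;
const DECL = /\b(?:const|let|var)\s+([A-Za-z_]\w*)\s*=(.*)$/;

// Returns one finding per sink hit. risk is "source-to-sink" when the line
// reads a source or a variable declared from one, otherwise "review".
function auditSinks(code) {
  const tainted = new Set();
  const findings = [];
  const reads = (s) =>
    SOURCE.test(s) || [...tainted].some((v) => new RegExp(`\\b${v}\\b`).test(s));
  code.split("\n").forEach((text, i) => {
    const decl = DECL.exec(text);
    if (decl && reads(decl[2])) tainted.add(decl[1]);
    for (const sink of SINKS) {
      if (!sink.re.test(text)) continue;
      const risk = reads(text) ? "source-to-sink" : "review";
      findings.push({ line: i + 1, sink: sink.name, risk });
    }
  });
  return findings;
}

// Constructed sample input (not from the page).
const SAMPLE = [
  'const task = new URLSearchParams(location.search).get("task");',
  'document.getElementById("todo").innerHTML = "<b>Next:</b> " + task;',
  'document.getElementById("safe").textContent = task;',
  '$("#list").append("<li>static item</li>");',
  'document.write("<p>" + location.hash.slice(1) + "</p>");',
].join("\n");

for (const f of auditSinks(SAMPLE)) {
  console.log(`line ${f.line}: ${f.sink} -> ${f.risk}`);
}
```

Lines marked "review" write to a sink without an obvious source on the same line and still need a manual look at where their arguments come from.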
The innerHTML property does not execute <script> tags written through it. It can still be abused with other payloads that do not use this tag, such as:
<img src="" onerror=alert(window.origin)>