XSS: Beyond the alert box
Cross-site scripting (XSS) is everywhere. Holding the #3 spot on the OWASP Top 10 list, it is one of the most common findings while performing vulnerability assessments and penetration testing. With the rise of new web technologies, such as HTML5, the attack surface is constantly growing. Therefore, we also need to be advancing our detection techniques and how we effectively communicate the business impact to the client.
One of the most common techniques used as a proof of concept (PoC) for identifying XSS has been the JavaScript alert box. The premise is this: if an attacker can send the JavaScript code for an alert box into the application and have it executed within the browser, then XSS is present. For example:
The attacker modifies the user parameter to contain the JavaScript code for an alert box:
http://target.site/welcome.php?user=Danny<script>alert('XSS')</script>
The...
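To make the PoC above concrete from the defender's side, here is an added example (not code from the original post, and not the real welcome.php) that reconstructs what a page like welcome.php does when it echoes the user parameter raw, places the hardened version with contextual output encoding beside it, and includes the reflection check a tester applies: is the submitted value echoed back unencoded? The URL is the one from the post; the page templates, function names and the <h1> greeting are assumptions.

```python
import html
from urllib.parse import parse_qs, urlsplit

# The request from the post: the attacker has placed alert-box JavaScript in `user`.
SAMPLE_URL = "http://target.site/welcome.php?user=Danny<script>alert('XSS')</script>"


def user_param(url: str) -> str:
    """Extract the `user` query parameter the way the server would see it."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return query.get("user", [""])[0]


def render_vulnerable(user: str) -> str:
    """Assumed welcome.php behaviour: the parameter is interpolated into HTML as-is.

    Whatever markup the parameter carries becomes part of the page, so a
    <script> tag in `user` is executed by the browser (the alert-box PoC).
    """
    return f"<h1>Welcome, {user}!</h1>"


def render_hardened(user: str) -> str:
    """Same page with HTML-body output encoding applied at the point of output.

    html.escape turns <, >, &, " and ' into entities, so the browser renders
    the attacker's input as text instead of parsing it as a tag.
    """
    return f"<h1>Welcome, {html.escape(user, quote=True)}!</h1>"


def reflects_unencoded(page: str, payload: str) -> bool:
    """Detection check: the submitted payload appears in the response byte-for-byte.

    This is the condition the alert-box PoC relies on; an encoded echo
    (&lt;script&gt; ...) does not satisfy it.
    """
    return payload in page


if __name__ == "__main__":
    payload = user_param(SAMPLE_URL)
    print("vulnerable page reflects payload:", reflects_unencoded(render_vulnerable(payload), payload))
    print("hardened page reflects payload:  ", reflects_unencoded(render_hardened(payload), payload))
    print(render_hardened(payload))
```

The point of the side-by-side is that the fix is not a blacklist of the string "alert": it is encoding the value for the context it lands in (here the HTML body), which neutralises every payload that depends on injecting a tag, not just the one used in the PoC.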