Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-15 01:17:36 +00:00
Code Issues Projects Releases Packages Wiki Activity

GitBook: [#2847] update find dom xss

Browse source
This commit is contained in:
CPol 2021-11-18 13:00:50 +00:00 committed by gitbook-bot
parent 32628dd460
commit fd9c38127a
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
pentesting-web/xss-cross-site-scripting/dom-xss.md
View file

@ -73,6 +73,10 @@ Database
This kind of XSS is probably the **hardest to find**, as you need to look inside the JS code, see if it's **using **any object whose **value you control**, and in that case, see if there is **any way to abuse** it to execute arbitrary JS.
## Tools to find them
* [https://github.com/mozilla/eslint-plugin-no-unsanitized](https://github.com/mozilla/eslint-plugin-no-unsanitized)
## Examples
### Open Redirect