all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Reflected XSS (Tag Attribute href)

Add to bookmarks
March 16, 2023, 8:19 p.m. | Erdemstar

System Weakness - Medium systemweakness.com

Hello friends, today I will show you the steps of detecting a vulnerability that I encountered in Web Application Security Tests in my project named Saka Reflected XSS (Tag Attribute href) and exploiting this vulnerability.

What’s XSS

You can find detailed information about the XSS vulnerability in the article below.

Cross Site Scripting (XSS)

Running the Application

Docker

docker pull erdemstar/saka:reflected-xss-tag-attribute-href
docker run --rm -d -p 80:80 erdemstar/saka:reflected-xss-tag-attribute-href

Visual Studio 2019 IDE

git clone https://github.com/ErdemStar/Saka
cd reflected-xss-tag-attribute-href
- mouse click …

appsec pentest reflected xss saka security tag xss

Visit resource

More from systemweakness.com / System Weakness - Medium

IDOR Attacks Demystified: How They Work and How to Prevent Them 2 hours ago | systemweakness.com
attacks business compromise confidentiality +13
How does Single Sign-on (SSO) interact with Active Directory (AD) and Outlook? 2 hours ago | systemweakness.com
access active directory applications authentication +15
OSI Model & TCP/IP Comparison 2 hours ago | systemweakness.com
access communication deals frameworks +14
First AD home lab 23 hours ago | systemweakness.com
access active directory building can +17
3 Steps to protect yourself from Prompt Injection 23 hours ago | systemweakness.com
prompt-engineering prompt injection security
Clocky | TryHackMe Write-up 1 day, 21 hours ago | systemweakness.com
ctf ctf-writeup tryhackme tryhackme-walkthrough +1
Bypassing Aquatone’s lack of ability to take screenshots of private websites 1 day, 21 hours ago | systemweakness.com
automation cybersecurity hacking pentesting +1
Tuesday Morning Threat Report: Apr 30, 2024 1 day, 21 hours ago | systemweakness.com
analysis artificial intelligence bad customers +21
Staying Anonymous — Ethical Hacking as a Beginner [09] 1 day, 21 hours ago | systemweakness.com
anonymous beginner communication cybersecurity +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Offensive Security Engineer

@ Ivanti | United States, Remote
View on infosec-jobs.com

Senior Security Engineer I

@ Samsara | Remote - US
View on infosec-jobs.com

Senior Principal Information System Security Engineer

@ Chameleon Consulting Group | Herndon, VA
View on infosec-jobs.com

Junior Detections Engineer

@ Kandji | San Francisco
View on infosec-jobs.com

Data Security Engineer/ Architect - Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com
View more jobs