JimLoughran / 1st-Repo

My 1st Github Repo

Found what looks like an XSS vuln, needs fixed asap! #7

Open JimLoughran opened 3 years ago

JimLoughran commented 3 years ago

Found what looks like an XSS vuln, needs fixed asap!

secure-code-warrior-for-github[bot] commented 3 years ago

Micro-Learning Topic: XSS (Detected by phrase)

What is this? (2min video)

Reflected cross-site scripting vulnerabilities occur when unescaped input is displayed in the resulting page displayed to the user. When HTML or script is included in the input, it will be processed by a user's browser as HTML or script and can alter the appearance of the page or execute malicious scripts in their user context.

Try this challenge in Secure Code Warrior
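The reflected case the bot's comment describes, as an added example that is not part of this thread or the repository: the same page template with the input concatenated unescaped and with it HTML-encoded at output time. The function names, the `q` field and the sample inputs are hypothetical and constructed for illustration.

```javascript
// Added example; renderUnsafe, renderSafe, escapeHtml and the "q" field are hypothetical.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Encode the characters that can end HTML text or a quoted attribute value.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable: the request value is placed into the markup unchanged,
// once in element content and once in a quoted attribute.
function renderUnsafe(query) {
  return `<h1>Results for ${query}</h1><input name="q" value="${query}">`;
}

// Hardened: same template, value encoded at the point of output.
function renderSafe(query) {
  const q = escapeHtml(query);
  return `<h1>Results for ${q}</h1><input name="q" value="${q}">`;
}

// Test aid (not a sanitizer): list the quoted attributes on the <input> tag,
// so an attribute that came from the input rather than the template is visible.
function inputAttributeNames(html) {
  const tag = html.match(/<input\b[^>]*>/)[0];
  return [...tag.matchAll(/\s([a-zA-Z-]+)="[^"]*"/g)].map((m) => m[1]);
}

// Constructed sample inputs: plain text, markup, and a quote that closes the attribute.
const samples = ["shoes", "<b>bold</b>", '" data-injected="1'];
for (const s of samples) {
  console.log("input :", JSON.stringify(s));
  console.log("unsafe:", renderUnsafe(s));
  console.log("safe  :", renderSafe(s));
}
```

Encoding happens at output, so the stored or received value stays unchanged and the browser displays it as the literal text the user typed.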

JimLoughran commented 3 years ago

Actually it's Stored XSS!

JimLoughran commented 3 years ago

DOM Based XSS for sure!

JimLoughran commented 3 years ago

Maybe CSRF?

JimLoughran commented 3 years ago

Try CSRF

JimLoughran commented 3 years ago

OWASP A2