ine-labs / AWSGoat

AWSGoat : A Damn Vulnerable AWS Infrastructure
MIT License

Documented xss using <script> does not work, only the <image> one works #4

Closed: mathiasconradt closed this issue 2 years ago

mathiasconradt commented 2 years ago

The first XSS documented on https://github.com/ine-labs/AWSGoat/blob/master/solutions/module-1/01-Reflected%20XSS.md

<script>alert('1')</script>

with expected behaviour:

An alert box pops up on our screen which confirms that our application is vulnerable to XSS injection attacks

does not work, at least not for me.

The XSS using the <image> tag works as expected and documented.

When entering the above line, nothing happens.

Environment: Tested with Brave (Version 1.41.100 Chromium: 103.0.5060.134 (Official Build) (64-bit)) and Chrome (Version 104.0.5112.79 (Official Build) (64-bit)), on 5.18.14-1-MANJARO + xfce. Also tested on Mac OS 12.5 with Chrome, same result.

mathiasconradt commented 2 years ago

I'm just watching the video https://youtu.be/qa-dXJ4lOWI?t=30 and there the <script> tag does not trigger any alert either, so I guess it's just the documentation that should be adjusted, so that one does not expect a popup there already.

So it's basically just about removing this line from the docs:

An alert box pops up on our screen which confirms that our application is vulnerable to XSS injection attacks

jeswinMathai commented 2 years ago

Thanks Mathias! We have updated the manuals with #13.