An example of DOM XSS for Javascript using Node.js and Express

nleach999/DOM-XSS-JS-Example

Client DOM XSS Vulnerability and Remediation Demo

The purpose of this example is to show how a script can be embedded in window.location.href to perform a client-side DOM XSS attack.

This demonstrates that JSON.parse cannot be considered a proper sanitizer. It also demonstrates a static analysis false negative: the detection is missed when the data flow analysis ends in the scope of a lambda expression.
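The following is an added example, not code from this repository. It models the flow described above in plain Node.js so it runs without a browser: JSON.parse returns string values unchanged, the sink sits inside an arrow function, and the remediated version encodes at the sink. The function names, the fragment-carried JSON, the sample URL and the innerHTML-style sink are assumptions made for illustration.

```javascript
// Added example: all names and the sample URL below are constructed for illustration.
// Constructed URL: the fragment carries URL-encoded JSON, as location.href would.
const sampleHref = 'http://localhost:3000/#' +
  encodeURIComponent(JSON.stringify({ items: ['hello', '<img src=x onerror=alert(1)>'] }));

// Source: read attacker-influenced text from the URL and JSON.parse it.
// JSON.parse validates syntax only; string values come back byte-for-byte.
function readPayload(href) {
  const fragment = new URL(href).hash.slice(1);
  return JSON.parse(decodeURIComponent(fragment));
}

// Vulnerable pattern: the sink (HTML destined for innerHTML) is reached inside
// an arrow function, the shape of flow the README says an analyzer can miss.
function renderUnsafe(href) {
  const parts = [];
  readPayload(href).items.forEach(item => parts.push('<li>' + item + '</li>'));
  return '<ul>' + parts.join('') + '</ul>'; // assumed to be assigned to innerHTML
}

// Remediation: encode for the HTML context at the sink. In a browser, prefer
// element.textContent, which never parses its value as markup.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, ch => map[ch]);
}

function renderSafe(href) {
  const payload = readPayload(href);
  // Reject unexpected shapes instead of rendering them.
  if (!Array.isArray(payload.items)) throw new TypeError('items must be an array');
  const rows = payload.items.map(item => '<li>' + escapeHtml(item) + '</li>');
  return '<ul>' + rows.join('') + '</ul>';
}
```

Comparing renderUnsafe(sampleHref) with renderSafe(sampleHref) shows the markup surviving JSON.parse in the first and being neutralized as text in the second.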

How to Run

Assuming you have Node.js installed, execute npm install followed by npm run. Navigate to http://localhost:3000 to see the application.
