DOM-based Cross-Site Scripting (XSS)

High Web Application Scanning Plugin ID 98109

Synopsis

DOM-based Cross-Site Scripting (XSS)

Description

Client-side scripts are used extensively by modern web applications.
They perform from simple functions (such as the formatting of text) up to full
manipulation of client-side data and Operating System interaction.

Unlike traditional Cross-Site Scripting (XSS), where the client is able to inject
scripts into a request and have the server return the script to the client, DOM
XSS does not require that a request be sent to the server and may be abused entirely
within the loaded page.

This occurs when elements of the DOM (known as the sources) are able to be
manipulated to contain untrusted data, which the client-side scripts (known as the
sinks) use or execute an unsafe way.

Scanner has discovered that by inserting an HTML element into the page's DOM inputs
(sources), it was possible to then have the HTML element rendered as part of the
page by the sink.

Solution

Client-side document rewriting, redirection, or other sensitive action, using untrusted data, should be avoided wherever possible, as these may not be inspected by server side filtering.
To remedy DOM XSS vulnerabilities where these sensitive document actions must be used, it is essential to:
1. Ensure any untrusted data is treated as text, as opposed to being interpreted as code or mark-up within the page. 2. Escape untrusted data prior to being used within the page. Escaping methods will vary depending on where the untrusted data is being used. (See references for details.) 3. Use `document.createElement`, `element.setAttribute`, `element.appendChild`, etc. to build dynamic interfaces as opposed to HTML rendering methods such as `document.write`, `document.writeIn`, `element.innerHTML`, or `element.outerHTML `etc.

See Also

https://www.owasp.org/index.php/DOM_based_XSS_Prevention_Cheat_Sheet

Plugin Details

Severity: High

ID: 98109

Type: remote

Published: 2017/03/31

Modified: 2017/10/16

Risk Information

Risk Factor: High

CVSSv2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSSv3

Base Score: 7.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Reference Information