Course Content

  • XSS attack

Course Content


When a website contains JavaScript that takes an attacker-controllable value, known as a source, and passes it into a harmful function, known as a sink, DOM-based vulnerabilities occur.

Websites, for example, frequently reflect URL parameters in the server's HTML response. This is often connected with standard XSS, however it can also result in so-called reflected+DOM flaws.

XSS is commonly exploited by stealing cookies. For session management, most web apps employ cookies. Cross-site scripting vulnerabilities can be used to send the victim's cookies to your own domain, which you can then manually inject into your browser to impersonate the victim.

On a page, a DOM element is similar to a DIV, HTML, or BODY element. You can use CSS to apply classes to all of these, or you can use JS to interact with them.

Recommended Courses

Share With Friend

Have a friend to whom you would want to share this course?

Download LearnVern App

App Preview Image
App QR Code Image
Code Scan or Download the app
Google Play Store
Apple App Store
598K+ Downloads
App Download Section Circle 1
4.57 Avg. Ratings
App Download Section Circle 2
15K+ Reviews
App Download Section Circle 3
  • Learn anywhere on the go
  • Get regular updates about your enrolled or new courses
  • Share content with your friends
  • Evaluate your progress through practice tests
  • No internet connection needed
  • Enroll for the webinar and join at the time of the webinar from anywhere