
DOM XSS in innerHTML sink using source


“DOM XSS in innerHTML sink using source” refers to a specific scenario in which an attacker abuses an assignment to the innerHTML property to inject and execute malicious code within the Document Object Model (DOM) of a web page using the source

Lab Solutions | Practical Work Time DOM XSS in innerHTML sink using source

This lab contains a DOM-based cross-site scripting vulnerability in the search blog functionality. It uses an innerHTML assignment, which changes the HTML contents of a div element, using data from

To solve this lab, perform a cross-site scripting attack that calls the alert function.

Stepwise Solution of the lab DOM XSS in innerHTML sink using source

Let’s begin without any further delay by clicking the ‘Access the lab’ button. (As you know, most of them)

We’re here to find cross-site scripting (XSS) in innerHTML sink using source, right? To do that, we have to search for something in the search functionality (search box). Let’s give it a try with ‘novaexperience’ as a test.

After that, let’s check the page source to see what there could lead to DOM XSS.

Nothing special: as you can see, the search term sits inside a span tag. Try the basic XSS payload we usually use for reflected XSS and see what happens.


It takes the <script> tag, but nothing is reflected, right? Script elements inserted through innerHTML are not executed by the browser. In this scenario, let’s try another payload, one that works and solves this lab.

<img src=1 onerror=alert(1)>

BOOM! We’ve solved the lab successfully. Let’s analyze a little of what happens inside. For that, as always, open the dev tools and look at the <span> tag.


In the payload we use an <img> tag, which is even shown on the web page after the cross-site scripting (XSS) payload is submitted. As the source we just use src. Because src=1 does not point to a loadable image, the error event fires and the onerror handler runs. The main part is the alert() function: the reason we got the prompt (pop-up) is that the page is vulnerable to DOM XSS in innerHTML sink using source
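Why the assignment behind that <span> is dangerous and how the same write is made safe, shown as an added example that is not the lab's or the author's code. The function names and the StubElement stand-in (used so it runs under Node without a browser) are hypothetical.

```javascript
// Added example, not the lab's code. Function names and the stub are hypothetical.

// Encode the characters that let text turn into markup or break out of an attribute.
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// True if the HTML parser would open a tag, comment or declaration in this string:
// "<" only starts one when followed by a letter, "/", "!" or "?".
function wouldCreateMarkup(html) {
  return /<[A-Za-z\/!?]/.test(html);
}

// Vulnerable pattern: untrusted text goes straight into the innerHTML sink.
function renderUnsafe(el, term) {
  el.innerHTML = term;
}

// Preferred fix: textContent stores the value as a text node, with no HTML parsing.
function renderAsText(el, term) {
  el.textContent = term;
}

// Fix when innerHTML has to stay because fixed markup surrounds the value.
function renderEscaped(el, term) {
  el.innerHTML = '<b>' + escapeHtml(term) + '</b>';
}

// Minimal stand-in for a DOM element so the example runs under Node.
// In a browser, pass a real element instead.
class StubElement {
  constructor() { this.innerHTML = ''; }
  // Mimics how a browser serializes a text node when innerHTML is read back.
  set textContent(v) { this.innerHTML = String(v).replace(/[&<>]/g, (ch) => ENTITIES[ch]); }
}

// Constructed input: the payload used in the walkthrough above.
const PAYLOAD = '<img src=1 onerror=alert(1)>';

function demo() {
  const unsafe = new StubElement(), text = new StubElement(), escaped = new StubElement();
  renderUnsafe(unsafe, PAYLOAD);
  renderAsText(text, PAYLOAD);
  renderEscaped(escaped, PAYLOAD);
  return { unsafe: unsafe.innerHTML, text: text.innerHTML, escaped: escaped.innerHTML };
}
console.log(demo());
```

In the unsafe case the string reaches the parser unchanged and becomes an element; in the other two the angle brackets arrive as entities and the term is displayed as plain text.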

In the next article, we will discuss “DOM XSS in innerHTML sink using source“.

I hope you enjoyed reading this article. Once you have completed it, we highly recommend studying the next article: DOM XSS in jQuery anchor href attribute sink using source. Please don’t forget to leave a comment here and share it with your friends as well. Good luck!

Thank you for reading. If this article really helps you, do share it with your mates, and follow @masaudsec on Twitter.


What is web security?

Website security refers to protecting a website or web application from cyberattacks, unauthorized access, or other security threats.

What is web application security?

Web application security means protecting a website from cyberattacks. These attacks may include vulnerabilities such as SQL injection, XSS, file inclusion, and others.

Which of the following is a good security practice for web browsing?

It is always a good practice to use an up-to-date browser with timely updates. Keep your browser plugins up-to-date, avoid malicious websites and links, and always enable 2-factor authentication while avoiding clickjacking.

How to find someone’s social security number on the dark web

Searching for someone’s social security number or credit card information on the dark web is illegal and unethical. It is important to always avoid such activities and protect yourself and others from cyber threats.
