
Reflected XSS into HTML context with all tags blocked except custom ones

Introduction to Reflected XSS into HTML context with all tags blocked except custom ones.

Reflected XSS into an HTML context with all tags blocked except custom ones is a web security flaw. It happens when untrusted user input is not properly sanitized or encoded before being returned to users in an HTML response. Although the application blocks conventional HTML tags, custom tags are still permitted, which makes them potentially exploitable. To address this flaw, developers must apply strict input validation and output encoding, including for custom tags. Input validation ensures that data is checked and sanitized before it is used, whereas output encoding prevents user-supplied content from being interpreted as executable code. Regular security audits and adherence to best practices are critical for limiting reflected XSS vulnerabilities, protecting user data, and ensuring web application integrity.

Lab Solutions | Practical Work Time XSS into HTML context

This lab blocks all HTML tags except custom ones.

To solve the lab, perform a cross-site scripting attack that injects a custom tag and automatically alerts document.cookie.

Stepwise solution of the lab:

After opening the lab, the first thing to notice is an option named “Go to exploit server”.

So without further ado, click on it.

I came directly here by scrolling down a little. Now we will deliver the code below to the victim.

<script>
location = 'https://YOUR-LAB-ID.web-security-academy.net/?search=%3Cxss+id%3Dx+onfocus%3Dalert%28document.cookie%29%20tabindex=1%3E#x';
</script>

All you have to do is copy your lab ID and put it in place of ‘YOUR-LAB-ID’. Now click ‘Deliver exploit to victim’. Let’s see what happens.

BOOM! We’ve solved the lab. But let me tell you what actually happened.

This reflected XSS attack injects a custom HTML tag with an ID of “x”, an “onfocus” event handler and a tabindex attribute, which makes the custom element focusable. The “#x” fragment at the end of the URL makes the browser focus that element as soon as the page loads, which fires the “onfocus” handler and calls the “alert” function. XSS vulnerabilities can be used to steal sensitive information, perform unauthorized actions, or deliver further attacks. Web developers should follow secure coding practices and users should keep their browsers and applications up-to-date to minimize vulnerability exposure.
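Why a tag blocklist lets this input through while output encoding neutralizes it, as an added example that is not part of the original article or the lab's own code. The blocklist contents, the response template and the rejection message are constructed assumptions; the URL is the one delivered above.

```javascript
// Assumption: the lab's filter is modeled as a blocklist of standard tag names.
const BLOCKED_TAGS = new Set(['script', 'img', 'svg', 'body', 'iframe', 'a',
  'div', 'input', 'video', 'audio', 'style', 'object', 'embed', 'form']);

// Collect the name of every tag-like token in the input, lowercased.
function tagNames(input) {
  const re = /<\/?([a-zA-Z][a-zA-Z0-9-]*)/g;
  return [...input.matchAll(re)].map((m) => m[1].toLowerCase());
}

// Weak control: passes whenever no *known* tag name appears, so any
// unlisted (custom) element name is reflected untouched.
function blocklistAllows(input) {
  return tagNames(input).every((name) => !BLOCKED_TAGS.has(name));
}

// Strong control: encode for the HTML context, so the browser renders
// the input as text no matter which tag name it contains.
const HTML_ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};
function escapeHtml(input) {
  return String(input).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Constructed response template standing in for the search results page.
function renderWithBlocklist(search) {
  if (!blocklistAllows(search)) return 'Tag is not allowed'; // constructed message
  return `<h1>Search results for '${search}'</h1>`;
}

function renderEncoded(search) {
  return `<h1>Search results for '${escapeHtml(search)}'</h1>`;
}

// The URL from the article. The "#x" fragment never reaches the server;
// only the decoded "search" parameter is reflected.
const labUrl = new URL('https://YOUR-LAB-ID.web-security-academy.net/?search=%3Cxss+id%3Dx+onfocus%3Dalert%28document.cookie%29%20tabindex=1%3E#x');
const search = labUrl.searchParams.get('search');

console.log('decoded input  :', search);
console.log('blocklist path :', renderWithBlocklist(search));
console.log('encoded path   :', renderEncoded(search));
```

The blocklist path returns the tag intact, while the encoded path returns the same characters as `&lt;xss ...&gt;`, which the browser displays as text.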

I hope you enjoyed reading this article. Now that you have completed it, we highly recommend studying the next article: Reflected XSS with some SVG markup allowed. Please don’t forget to leave a comment and share it with your friends as well. Good luck!

Thank you for reading. If this article really helped you, do share it with your mates.
And follow @masaudsec on Twitter.

FAQs

What is web security?

Website security refers to protecting a website or web application from cyberattacks, unauthorized access, or other security threats.

What is web application security?

Web application security means protecting a website from cyberattacks. These attacks may include vulnerabilities such as SQL injection, XSS, file inclusion, and others.

Which of the following is a good security practice for web browsing?

It is always good practice to use an up-to-date browser and apply updates promptly. Keep your browser plugins up to date, avoid malicious websites and links, always enable two-factor authentication, and watch out for clickjacking.

How to find someone’s social security number on the dark web

Searching for someone’s social security number or credit card information on the dark web is illegal and unethical. It is important to always avoid such activities and protect yourself and others from cyber threats.
