Introduction to Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes and backslash escaped
Stored cross-site scripting (XSS) into an onclick event is a web security vulnerability in which untrusted user input is stored by the application and later written into an onclick event attribute without being properly sanitized or encoded. The attacker uses HTML-encoding and escaping techniques to bypass input filters and sanitization routines. This vulnerability can lead to unauthorized actions, data theft, or compromised user accounts. To mitigate it, web developers should implement input validation and output encoding. Prioritizing web security, following secure coding practices, and conducting regular security audits reduce the risk of stored XSS in onclick events, protecting web applications and user data and maintaining a secure online environment.
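The output-encoding point above, as an added example that is not part of the original article or the lab: it models the filter named in the title next to a context-aware encoder and checks both against a constructed, harmless input. All function names and the sample URL are assumptions made for illustration.

```javascript
// Added example; every function name here is hypothetical.

// The filter the title describes: backslash-escape \ and ', HTML-encode < > ".
function weakEncode(input) {
  return input
    .replace(/\\/g, '\\\\')
    .replace(/'/g, "\\'")
    .replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;');
}

// Context-aware encoding for a value placed in a JS string inside an HTML attribute:
// 1) make it safe for the JS string (every non-alphanumeric becomes \uXXXX),
// 2) then HTML-attribute-encode the result.
function jsStringEscape(input) {
  return input.replace(/[^A-Za-z0-9]/g, c =>
    '\\u' + c.charCodeAt(0).toString(16).padStart(4, '0'));
}
function htmlAttrEncode(input) {
  return input.replace(/[&<>"']/g, c => '&#' + c.charCodeAt(0) + ';');
}
function safeEncode(input) {
  return htmlAttrEncode(jsStringEscape(input));
}

// Minimal model of the browser: character references in an attribute value
// are decoded before the JavaScript engine parses the handler.
function browserAttrDecode(value) {
  return value
    .replace(/&#(\d+);/g, (_, n) => String.fromCharCode(Number(n)))
    .replace(/&apos;/g, "'").replace(/&quot;/g, '"')
    .replace(/&lt;/g, '<').replace(/&gt;/g, '>').replace(/&amp;/g, '&');
}

// True if the decoded value would close a '...' string literal early.
function breaksOutOfJsString(decoded) {
  for (let i = 0; i < decoded.length; i++) {
    if (decoded[i] === '\\') { i++; continue; } // skip the escaped character
    if (decoded[i] === "'") return true;        // unescaped quote ends the literal
  }
  return false;
}

// Constructed sample: a URL carrying an HTML character reference for a single quote.
const sample = 'http://example.test/?a&apos;b';
function check(encoder) {
  return breaksOutOfJsString(browserAttrDecode(encoder(sample)));
}
console.log('title filter leaves a string break-out:', check(weakEncode));
console.log('context-aware encoder leaves a break-out:', check(safeEncode));
```

The title's filter handles a literal quote but not one that only appears after the browser decodes the attribute, which is why the encoding has to follow the nesting of the contexts (JavaScript string first, HTML attribute second).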
Lab Solutions | Practical Work Time Stored XSS into onclick
This lab contains a stored cross-site scripting vulnerability in the comment functionality.
To solve this lab, submit a comment that calls the alert function when the comment author name is clicked.
Stepwise solution of the lab:
After accessing the lab, you can see that there are lots of posts. (Scroll down a little bit.)
Without further ado, click on “View post”. (You can select any post.)
Fill out the form as I did. Before clicking Post Comment, switch to Burp Suite and turn on Intercept. [As you know, if you’re using Firefox, use FoxyProxy.]
After clicking Post Comment, you get a prompt to forward the request. Simply send it to Repeater.
Go back to the blog and reload the page with Intercept on.
Send this request to Repeater as well.
Click Send, then search for xyz and note that it appears inside an onclick event. To solve the lab in this scenario, inject the payload below. [I will show you where to inject it.]
http://foo?'-alert(1)-'
So, fill out the form as in the following screenshot. Now click Post Comment.
BOOM! We’ve solved this lab finally.
Be ready for its other parts 🙂
I hope you enjoyed reading this article. Once you have completed it, we highly recommend that you study the next article: Reflected XSS into a template literal with angle brackets, single, double quotes, backslash, and backticks Unicode-escaped. Please don’t forget to leave a comment here and share it with your friends as well. Good luck!
Thank you for reading. If this article really helped you, do share it with your mates.
And follow @masaudsec on Twitter.
FAQs
Website security refers to protecting a website or web application from cyberattacks, unauthorized access, or other security threats.
Web application security means protecting a website from cyberattacks. These attacks may include vulnerabilities such as SQL injection, XSS, file inclusion, and others.
It is always a good practice to use an up-to-date browser with timely updates. Keep your browser plugins up-to-date, avoid malicious websites and links, and always enable 2-factor authentication while avoiding clickjacking.
Searching for someone’s social security number or credit card information on the dark web is illegal and unethical. It is important to always avoid such activities and protect yourself and others from cyber threats.