Burp Suite User Forum

Create new post

Cross-site scripting (DOM-based)

Veeru | Last updated: Oct 20, 2018 10:54AM UTC

Hi, When I am doing an active scan on a website, I got an issue name Cross-site scripting (DOM-based) with Severity: High Confidence: Tentative Issue detail The application may be vulnerable to DOM-based cross-site scripting. Data is read from location.pathname and passed to $() via the following statement: $('.topbar-navigation-link[href^="/' + location.pathname.split("/")[1] + '"]').addClass('active'); Now, I want to know that whether this issue is right? If it is, Can I exploit it? and how? I am a beginner at testing. So, please any tester can help me out? Thanks in advance.

PortSwigger Agent | Last updated: Oct 22, 2018 09:46AM UTC

In this instance it looks like it would not be possible to exploit this issue. This has been detected by Burp's JavaScript static analysis which can generate false positives in a number of scenarios - hence us reporting the confidence as tentative. location.pathname has XSS attack characters encoded, which makes an attack impractical. And the $() selector is only a dangerous sink in older versions of jQuery.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.