Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

DOM-based link manipulation on detected on BURP scan

J | Last updated: Mar 17, 2022 03:58PM UTC

I was given a BURP report to analyze, and development of Web Apps is not my forte. I'm hoping someone can help with this. The following issues were detected on a BURP scan - The application may be vulnerable to DOM-based link manipulation. 1. Data is read from location.href and passed to the 'href' property of a DOM element via the following statement - originAnchor.href = location.href; 2. Data is read from document.location.href and passed to the 'href' property of a DOM element via the following statement - base.href = document.location.href; Each of these findings, there were two responses, both the same: Response 1: ... various header info ... <!DOCTYPE html> <!-- $Header: R:\somedir\somedir\somedir\xx\index.html-arc 1.27 04 Jan 2022 14:15:44 somedate $ --> <html lang="en"> Response 2: ... various header info ... /*! * jQuery JavaScript Library v3.5.1 * https://jquery.com/ * I assume that Response 1 is showing up because of the internal configuration documentation that contains the literal "$Header", and response 2 is showing up because of the https://jsquery.com. Note that both responses are within Comments directives - they are there for internal documentation, and not there to be actually run by the the end user of the web application. In this case, aren't the two findings false findings on the Scan?

James, PortSwigger Agent | Last updated: Mar 21, 2022 01:18PM UTC