Burp Suite User Forum

Login to post

DOM-based XSS

Kingkong | Last updated: Dec 09, 2019 06:36AM UTC

Hi , I got the message like this : The application may be vulnerable to DOM-based cross-site scripting. Data is read from location.hash and passed to $() The response is : var id = location.hash.replace('#', ''); $elem = $( '[data-' + PLUGIN_NAME + '-id="' + id + '"]' ); How can I exploit this ? Thanks so much

Ben, PortSwigger Agent | Last updated: Dec 09, 2019 09:11AM UTC

Hi, Our support service is here to provide technical advice with Burp Suite. Unfortunately, we cannot provide specific assistance with exploiting individual vulnerabilities.

You need to Log in to post a reply. Or register here, for free.