()locxss") #javascript:domxssExecutionSink(1,"">
Posted by: andrewt2m - 04 January 2022 14:02:06
We have been seeing some attacks today from a site trying to defraud eCommerce sites. The attack was from a possibly disgruntled customer using a Microsoft Proxy in Germany at: 51.4.145.17 :-$

?wvstest=javascript:domxssExecutionSink(1,"'\">()locxss")#javascript:domxssExecutionSink(1,"'\">()locxss")

This is an attempt at injecting JavaScript using the penetration tool Acunetix. This specific attack was a DOM based XSS, as seen from the function domxssExecutionSink. If you wanted to echo the query parameter wvstest directly to the page, then that JavaScript would have been executed on the server side of your site.

The Acunetix vulnerability is shown here: http://www.acunetix.com/support/vulnerability-checks/ and the DOM XSS details are here: https://www.owasp.org/index.php/DOM_Based_XSS