Offline andrewt2m  
#1 Posted : 04 January 2022 14:02:06(UTC)
We have been seeing some attacks today from a site trying to defraud eCommerce sites.

The attack was from a possibly disgruntled customer using a Microsoft Proxy in Germany at: 51.4.145.17

?wvstest=javascript:domxssExecutionSink(1,"'\"><xsstag>()locxss")#javascript:domxssExecutionSink(1,"'\"><xsstag>()locxss")

Which is an attempt at injecting JavaScript using the penetration tool Acunetix. This specific attack was a DOM-based XSS, as seen from the function domxssExecutionSink. If you wanted to echo the query parameter wvstest directly to the page, then that JavaScript would have been executed on the server side of your site. The Acunetix vulnerability is shown here: http://www.acunetix.com/...rt/vulnerability-checks/ and the DOM XSS details are here: https://www.owasp.org/index.php/DOM_Based_XSS
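
A detection sketch for the probe quoted in the post above, added here as an example and not part of the original post: it scans access-log lines for the wvstest parameter and the domxssExecutionSink, <xsstag> and locxss markers, percent-decoding values first so encoded variants still match. The log lines and client addresses are constructed samples, the function names are hypothetical, and only the query string is checked because the part after # is a URL fragment, which browsers do not send to the server.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, unquote, urlsplit

# Parameter name and markers copied from the request quoted in the post.
PROBE_PARAM = "wvstest"
MARKERS = ("domxssexecutionsink", "<xsstag>", "locxss")
# Common/combined log format: ip - - [time] "METHOD target HTTP/x" status ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:\S+) (\S+)[^"]*" (\d{3})')

# Constructed sample log lines (documentation-range addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.10 - - [04/Jan/2022:13:58:01 +0000] "GET /?wvstest=javascript:domxssExecutionSink(1,%22%27%5C%22%3E%3Cxsstag%3E()locxss%22) HTTP/1.1" 200 5120',
    '203.0.113.10 - - [04/Jan/2022:13:58:02 +0000] "GET /search?q=%253Cxsstag%253E HTTP/1.1" 200 734',
    '198.51.100.7 - - [04/Jan/2022:13:59:10 +0000] "GET /products?page=2 HTTP/1.1" 200 2048',
]

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded probes are still matched."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def probe_reasons(target):
    """Return the sorted reasons a request target looks like this scanner probe."""
    reasons = set()
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if name.lower() == PROBE_PARAM:
            reasons.add("param:" + PROBE_PARAM)
        text = fully_decode(value).lower()
        reasons.update("marker:" + m for m in MARKERS if m in text)
    return sorted(reasons)

def scan_log(lines):
    """Map client IP -> list of (status, reasons) for flagged requests."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected log format
        ip, target, status = m.groups()
        reasons = probe_reasons(target)
        if reasons:
            hits[ip].append((int(status), reasons))
    return dict(hits)

if __name__ == "__main__":
    print(scan_log(SAMPLE_LOG))
```

A hit means a scanner sent the probe, not that the page is vulnerable; whether the value reaches the page unescaped has to be checked in the site's own templates and scripts.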
