June 2018
Intermediate to advanced
294 pages
7h 5m
English
In the first two types above, we've used the HTML to exploit the XSS vulnerability. DOM XSS injection, however, is accomplished through the JavaScript code instead of the HTML elements. Let's see a practical example:
This page uses the username query string value (which is anonymous in this case) to display on the page (it shows in the message This password is for [username]).

Read now
Unlock full access