Reflected and Self XSS

"><svg/onload=alert(0)>

 
Registered
Joined
Dec 15, 2019
Messages
11
Points
3
Hope you all are Good,
I have a question, I am testing site and they are vul to XSS .
Name fields are vul to XSS and when i go to profile XSS triaged . its reflected or self?? how it impacts on other users??
any impact, please ??
 

numaN

Growth Hacker
Staff member
Administrator
Joined
Sep 11, 2019
Messages
49
Points
18
Hey,
Open incognito mode in your browser and visit your profile page, if xss triaged it is Unauthenticated Stored XSS, the most risky xss type and it is an high risk vulnerability.

If visitors have to log in their account to see your profile, it is Authenticated Stored XSS, it is a medium risk vulnerability.

If only you can see your profile and run xss, it is Self XSS and it is low risk.

And if your XSS payload is in URL or any user input it is Reflected XSS (rXSS).

It seems you have discovered Stored XSS. Let you check unauthenticated users can see this or not.

Tip 1: You can convert your Self XSS to good XSS with clickjacking vulnerability. (Because of missing X-Frame-Options header.)
Tip 2: If the website is asp.net, let you check this so you can convert Reflected XSS to Stored XSS.
 

"><svg/onload=alert(0)>

 
Registered
Joined
Dec 15, 2019
Messages
11
Points
3
Thank you so much for your detailed answer. I am very happy to see your explained reply.

in my case its I think it's Self XSS. Because I am the only who can see the js pop up.

yeah, the application is Asp.net I have already reading your post .
 

numaN

Growth Hacker
Staff member
Administrator
Joined
Sep 11, 2019
Messages
49
Points
18
Create another profile and visit js-embedded one, if it is working it is an useful vulnerability.
Thank you so much for your detailed answer. I am very happy to see your explained reply.

in my case its I think it's Self XSS. Because I am the only who can see the js pop up.

yeah, the application is Asp.net I have already reading your post .
 
Top