Buy a Burp Suite Certified Practitioner exam, pass before 15 Dec, and we'll refund your $99.  –   Find out more
  1. Web Security Academy
  2. Clickjacking
  3. Lab

Lab: Exploiting clickjacking vulnerability to trigger DOM-based XSS

PRACTITIONER

This lab contains an XSS vulnerability that is triggered by a click. Construct a clickjacking attack that fools the user into clicking the "Click me" button to call the print() function.

Note

The victim will be using Chrome so test your exploit on that browser.

Register for free to track your learning progress

The benefits of working through PortSwigger's Web Security Academy
  • Practise exploiting vulnerabilities on realistic targets.

  • Record your progression from Apprentice to Expert.

  • See where you rank in our Hall of Fame.

Already got an account? Login here