1. Web Security Academy
  2. Cross-site scripting
  3. CSP
  4. Lab

Lab: Reflected XSS protected by CSP, with dangling markup attack

PRACTITIONER

This lab uses CSP to mitigate against XSS attacks.

To solve the lab, perform a dangling markup attack that steals a CSRF token and uses it to change the email address of another user.

You can log in to your own account using the following credentials: wiener:peter

Note

To prevent the Academy platform being used to attack third parties, our firewall blocks interactions between the labs and arbitrary external systems. To solve the lab, you must use the provided exploit server and/or Burp Collaborator's default public server (burpcollaborator.net).

Stories from the Daily Swig about cross-site scripting

Find XSS vulnerabilities using Burp Suite

The benefits of working through PortSwigger's Web Security Academy

Get started with the Web Security Academy where you can practise exploiting vulnerabilities on realistic targets .. and its free!

Already got an account? Login here