1. Web Security Academy
  2. Cross-site scripting
  3. DOM-based
  4. Lab

Lab: Reflected DOM XSS

PRACTITIONER

This lab demonstrates a reflected DOM vulnerability. Reflected DOM vulnerabilities occur when the server-side application processes data from a request and echoes the data in the response. A script on the page then processes the reflected data in an unsafe way, ultimately writing it to a dangerous sink.

To solve this lab, create an injection that calls the alert() function.