Lab: DOM XSS in
innerHTML sink using source
This lab contains a DOM-based cross-site scripting vulnerability in the search blog functionality. It uses an
innerHTML assignment, which changes the HTML contents of a
div element, using data from
To solve this lab, perform a cross-site scripting attack that calls the
Enter the following into the into the search box:
<img src=1 onerror=alert(1)>
- Click "Search".
The value of the
src attribute is invalid and throws an error. This triggers the
onerror event handler, which then calls the
alert() function. As a result, the payload is executed whenever the user's browser attempts to load the page containing your malicious post.