1. Web Security Academy
  2. DOM-based
  3. Cookie manipulation
  4. Lab

Lab: DOM-based cookie manipulation


This lab demonstrates DOM-based client-side cookie manipulation. To solve this lab, inject a cookie that will cause XSS on a different page. You will need to use the exploit server in order to direct the victim to the correct pages. The lab is solved when the user's document.cookie is alerted.

Try Burp Suite for Free

Find DOM-based vulnerabilities using Burp Suite

Try for free