1. Web Security Academy
  2. DOM-based
  3. Cookie manipulation
  4. Lab

Lab: DOM-based cookie manipulation


This lab demonstrates DOM-based client-side cookie manipulation. To solve this lab, inject a cookie that will cause XSS on a different page. You will need to use the exploit server in order to direct the victim to the correct pages. The lab is solved when the user's document.cookie is alerted.

Find DOM-based vulnerabilities using Burp Suite

The benefits of working through PortSwigger's Web Security Academy

Get started with the Web Security Academy where you can practise exploiting vulnerabilities on realistic targets .. and its free!

Already got an account? Login here