I read from here that:
DOM-based XSS Attacks: the payload is executed as a result of modifying the DOM environment in the victim’s browser used by the original client side script, so that the client side code runs in an unexpected manner. That is, the page itself does not change, but the client side code contained in the page executes differently due to the malicious modifications that have occurred in the DOM environment.
Could anyone give an example of it? It's not as easy to picture as the Stored XSS Attack and Reflected XSS Attack.
Aucun commentaire:
Enregistrer un commentaire