I've got a web application in which there are several XSS vulnerabilities on it, on the Profile Page for example there is a text box which is vulnerable to XSS along with the Messages Page. They both have text boxes yet when I add some XSS into the Profile Page, the pop up also comes up in the messages section and I cant figure out why. I've attached some screenshots for more information. If anyone can explain why this does this, id be very great full.
The below Links are for visuals of the application
https://i.stack.imgur.com/sqPl2.png
https://i.stack.imgur.com/nU7b5.png
https://i.stack.imgur.com/Mh48n.png
https://i.stack.imgur.com/47wHP.png
These are the source code images/files Profile Page Source Code:
https://drive.google.com/file/d/1fA_Zoa7z4fdhBBzW2-e3Wm-fWF1qwXw7/view?usp=sharing
Message Page Code:
https://drive.google.com/file/d/1YApsri_3YSmUwlRfyajcebgpe26L37TZ/view?usp=sharing
Aucun commentaire:
Enregistrer un commentaire