XSS DOM-Based
Last updated
Last updated
Go to login page form
and log in using login bypass or inserting password.
Go to a page vulnerable to XSS stored like as:
in this two field will inject our payload:
the image 1 does not exist, so the alert will be triggered, the command will be injected into DOM and execute on the page: