dom xss
About this tag
DOM XSS (Document Object Model-based Cross-Site Scripting) is a web security vulnerability where client-side scripts insert attacker-controlled input into a web page's DOM, often bypassing server-side filters. On WindowsForum.com, discussions cover techniques for hunting DOM XSS vulnerabilities using tools like Semmle QL, a query language for code analysis. Topics include applying Semmle QL to web security, identifying DOM XSS patterns in JavaScript, and integrating vulnerability hunting into development workflows. These threads are relevant for security researchers, penetration testers, and developers working with Microsoft technologies or seeking to improve web application security.
In two previous blog posts (part 1 and part 2), we talked about using Semmle QL in C and C++ codebases to find vulnerabilities such as integer overflow, path traversal, and those leading to memory corruption. In this post, we will explore applying Semmle QL to web security by hunting for one of...