Knowing and Preventing DOM-based XSS

DOM XSS vulnerabilities are more difficult to find than traditional XSS vulnerabilities, though equally dangerous. That is why you need a scanner such as Netsparker, which understands the Document Object Model (DOM) and readily identifies such vulnerabilities.


DOM-based XSS is a type of cross-site scripting vulnerability that has become increasingly prevalent with the rise of modern, dynamic web applications built on HTML5 and the Single Page Application model. In this type of application, developers have shifted much of the application logic to the client side, so much of the execution happens in the client's web browser rather than on the web server.

This shift may make web servers somewhat more secure, because less functionality is exposed through them, but it has opened a new class of security hole: DOM XSS, a modern type of browser vulnerability. Cross-site Scripting (XSS) vulnerability variants are exploited so commonly that they are listed in the OWASP Top 10 list of the most critical web security flaws.

DOM-based XSS vulnerabilities are more difficult to detect than traditional reflected XSS vulnerabilities, which is why it is important to use an automated DOM-based XSS scanner such as Netsparker to identify this type of vulnerability.

What is the DOM?

The DOM, or Document Object Model, is the foundation that allows for the dynamic web applications we depend on today. In technical terms, the DOM is an object-oriented model of an HTML document. It contains the objects, properties, methods, and events related to all HTML elements. Through these, JavaScript can read and modify the web page displayed to the user.

A client-side script can react to events such as key presses or mouse clicks, and the web browser executes it to, for example, change the web page's appearance, without sending data back to a web server in an HTTP request and receiving a new page in the response.

What Is DOM-based XSS?

Like the majority of other security vulnerabilities, DOM-based XSS vulnerabilities have their roots in missing or poor input validation. For example, if a page passes a URL parameter directly to document.write in its JavaScript code without using safe functions or properly escaping the data, that page can be vulnerable to DOM XSS.
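The document.write pattern just described, shown next to two safe ways of rendering the same value. This is an added example, not code from the original page or from Netsparker; it assumes a hypothetical greeting page that reads a `name` parameter from its own URL.

```javascript
// Added example (not from the original page): the document.write pattern the
// text describes, next to two safe ways of rendering the same value.
// Assumed page: a greeting page that reads ?name=... from its own URL.

// Source: the URL query string, which an attacker controls via a crafted link.
function nameFromQuery(search) {
  // URLSearchParams percent-decodes the value; fall back when it is absent.
  return new URLSearchParams(search).get("name") ?? "guest";
}

// VULNERABLE: the raw value is concatenated into markup. In a browser this
// string is what document.write() would receive, so any tags inside `name`
// are parsed and executed as part of the page.
function buildGreetingUnsafe(search) {
  return "<h1>Hello, " + nameFromQuery(search) + "!</h1>";
}

// Minimal HTML entity encoding for a value placed in element text.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(value) {
  return value.replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// SAFE (string route): encode before the value reaches an HTML sink.
function buildGreetingSafe(search) {
  return "<h1>Hello, " + escapeHtml(nameFromQuery(search)) + "!</h1>";
}

// SAFE (preferred in a browser): avoid HTML sinks entirely. textContent
// stores the value as text, so the browser never parses it as markup.
function renderGreeting(doc, search) {
  const h1 = doc.createElement("h1");
  h1.textContent = "Hello, " + nameFromQuery(search) + "!";
  doc.body.appendChild(h1);
  return h1;
}

// Detection check: did a <script> tag survive into the rendered markup?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Under Node there is no document; in a browser, render via the safe path.
if (typeof document !== "undefined") {
  renderGreeting(document, location.search);
}
```

Running the two string builders on a constructed `?name=` value that carries a script tag shows the difference: the unsafe builder emits the tag verbatim, while the safe builder emits it as inert text.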

An attacker can trick a victim into clicking a link whose JavaScript payload contains malicious code, and that code will execute in the victim's web browser. Such attacks allow attackers to deliver malware, steal cookies, or steal credentials.

How Can You Detect DOM-based XSS Vulnerabilities?

DOM-based cross-site scripting is not a server-side vulnerability, because the flaw lies in the code executed by the victim's web browser, also known as client-side code. Therefore server-side mitigations will not address it. To protect your users and your business' reputation from the damage of DOM-based XSS, you need to scan your web applications with a DOM XSS scanner.

Netsparker can detect DOM-based XSS vulnerabilities no matter which technologies your web application is built with. Moreover, its exclusive Proof-Based Scanning™ technology means every finding is a real threat, not a false positive. Vulnerabilities are automatically exploited in a safe, read-only manner, and a proof of exploit is shown in the scan results. These proofs of exploit show the payload used in the HTTP request to exploit the DOM XSS vulnerability, as well as the impact the exploited vulnerability had on the web application.

This means that security teams and developers can move straight to remediation without losing hours or days manually validating false positives. It also means developers can locate the vulnerability in the source code more quickly and move on to writing a patch.

Contact Netsparker Today

Netsparker Web Application Security Scanner can help you protect your company's web applications from DOM-based XSS, as well as the full spectrum of website vulnerabilities. Contact us today to begin your 15-day free trial, and see how easy it is to strengthen your web security.

What our customers are saying

"I had the opportunity to compare external expertise reports with Netsparker ones. Netsparker was better, finding more breaches. It’s a very good product for me."
"As opposed to other web application scanners, Netsparker is very easy to use. An out of the box installation can detect more vulnerabilities than any other scanner."
"We chose Netsparker because it is more tailored to web application security and has features that allow the university to augment its web application security needs."