Blind XSS

Blind XSS is similar to a stored-xss in that your payload gets stored on the website for another user to view, but in this instance, we can't see the payload working or be able to test it against yourself first.

Example Scenario

A website has a contact form where we can message a member of staff. The message content doesn't get checked for any malicious code, which allows the attacker to enter anything they wish. These messages then get turned into support tickets which staff view on a private web portal.

Potential Impact

Using the correct payload, the attacker's JavaScript could make calls back to an attacker's website, revealing the staff portal URL, the staff member's cookies, and even the contents of the portal page that is being viewed.

Now the attacker could potentially hijack the staff member's session and have access to the private portal.

When testing for Blind XSS vulnerabilities, we need to ensure your payload has a callback (usually an HTTP request). This way, we know if and when your code is being executed.

Configuring-jest

Cypress

Fundamentals

Jest

Recce

Burp

Nmap

Dvwa

PicoCTF

Thm

React-query

Macros

Blind XSS ​

Example Scenario ​

Potential Impact ​

How to test for Blind XSS ​

Blind XSS

Example Scenario

Potential Impact

How to test for Blind XSS