target:
Tools Used:
browser
Burp Suite
Vulnerability Summary:
- Type:
Reflected cross-site scripting (XSS)
- Description:
Steps to Exploit:
1. Input <> to determine whether angle brackets are filtered by the application.
2. Input <script> to check whether this tag is filtered by the WAF.
3. Use the XSS cheat sheet and Burp Intruder to identify which HTML tags are allowed by the filter.
4. Use Intruder again to test which attributes can be used with the allowed tags.
5. Find a way to exploit the XSS vulnerability using the permitted tags and attributes, and craft a working payload.
6. Create a malicious URL and send it to the victim so that the server responds with a hidden script that triggers the exploit.
Remediation:
Use parameterized queries / prepared statements
Use server‑side input validation
Escape and sanitize user input
Lessons Learned:
This lab demonstrates that even when most HTML tags and attributes are blocked by a WAF, XSS may still be possible by enumerating which tags and event handlers are allowed. By systematically testing inputs with Burp Intruder and using an XSS cheat sheet, attackers can discover permitted combinations of tags and attributes and craft a payload that bypasses the filter. Proper defenses should rely on strict output encoding rather than blacklist-based filtering.
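The contrast drawn above between blacklist filtering and output encoding, as an added example that is not part of the original write-up. The function names, the blocked-tag list, the `search` field and the sample inputs are all constructed for illustration.

```javascript
// Added example: a tag blocklist versus HTML output encoding.
// Every name and sample value here is hypothetical / constructed.

const BLOCKED_TAGS = ["script", "img", "iframe", "svg"]; // constructed blocklist

// Weak approach: accept input unless it contains a known-bad tag.
// Anything the list author did not think of passes through unchanged.
function blocklistFilter(input) {
  const lowered = input.toLowerCase();
  return !BLOCKED_TAGS.some((tag) => lowered.includes("<" + tag));
}

// Strong approach: encode every character that has meaning in HTML text
// and in quoted attribute values, so input can never open a tag or
// close an attribute, whatever tag or attribute name it contains.
const HTML_ENTITIES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#x27;",
};

function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Reflects the term in an element body and in a double-quoted attribute.
function renderSearchPage(term) {
  const safe = encodeHtml(term);
  return `<h1>Results for: ${safe}</h1><input name="search" value="${safe}">`;
}

// Constructed, inert probes: the two from the steps above, an unknown
// tag the blocklist does not cover, and a quote that would end an attribute.
const SAMPLES = ["<>", "<script>", "<lab-probe id=x>", '" data-probe="1'];

function report() {
  return SAMPLES.map((input) => ({
    input,
    passesBlocklist: blocklistFilter(input),
    encoded: encodeHtml(input),
  }));
}

console.table(report());
```

The table shows the blocklist rejecting only `<script>`, while encoding turns every sample into inert text regardless of which tag or attribute it names.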






