 |
|---|
| Portswigger Academy DOM-based vulnerabilities Labs |
Introduction
What?
DOM-based vulnerabilities arise when a website contains JavaScript that takes an attacker-controllable value, known as a source, and passes it into a dangerous function, known as a sink.
Why?
Many DOM-based vulnerabilities can be traced back to problems with the way client-side code manipulates attacker-controllable data.