Background:
We used a tool to scan our system. It found an XSS vulnerability.
Steps to scan:
Injected item: POST: localeCountry <– which is an enum value; it can't be changed into an XSS string and stored on the server.
Injection value: >'>alert("XSS warning!")
Detection value: >'>alert("XSS warning!")
Detected in the attack response page, where it was found inside a link.
I think this is an invalid vulnerability because the injected item will not be persistent or affect other users.
It's better to escape all parameters, but I wonder whether this vulnerability is valid or not?
Question:
1. Is there any way to let another user click on your XSS trap via this vulnerability?
Yes, it’s definitely a vulnerability. Someone on another site could code a form, like this:
When a user clicks on that button on the attacker’s site, they would be redirected to your site, but their XSS’d code would run in your site’s security context and could steal cookies and such. (Of course, the POST could be made automatic through JavaScript, making it tough for users to avoid). The attack string need not be stored in a database; XSS simply relies on a malicious string being echoed to the user without escaping.
Moral of the story: you should fix that hole.
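As an added example (not part of the original question or answer), the following JavaScript shows the mechanics the answer describes end to end: an attacker page that auto-submits a cross-site POST carrying the payload, a handler that reflects localeCountry into a link without escaping, and the same handler hardened with an allow-list (the field is an enum, so anything outside it can be rejected) plus output encoding. The target URL, the three country codes, the link markup and the payload string are all assumed or constructed for this example; none of them come from the original post.

```javascript
// Added example, not code from the original post.
// Assumption: the page renders the posted localeCountry back into a link of
// the form <a href="/shop?localeCountry=...">Continue in ...</a>, and the
// valid enum values are the three below.
const ALLOWED_COUNTRIES = new Set(["US", "GB", "DE"]); // assumed enum values

// Constructed payload, in the spirit of the scanner's >'>alert("XSS warning!")
// probe: closes the attribute and tag it lands in, then injects a script.
const PAYLOAD = `"><script>alert("XSS warning!")</script>`;

// Minimal HTML entity encoder for text and attribute contexts.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable: the posted value is echoed straight into an attribute and into
// text. Nothing is stored; the payload only needs to be reflected once.
function renderVulnerable(localeCountry) {
  return `<a href="/shop?localeCountry=${localeCountry}">Continue in ${localeCountry}</a>`;
}

// Hardened: reject anything outside the enum, then encode on output anyway.
// The allow-list fixes this page; the encoding protects any later template
// that forgets the check (defence in depth).
function renderSafe(localeCountry) {
  const country = ALLOWED_COUNTRIES.has(localeCountry) ? localeCountry : "US";
  return `<a href="/shop?localeCountry=${encodeURIComponent(country)}">Continue in ${escapeHtml(country)}</a>`;
}

// Attacker-controlled page on another origin: a hidden form that POSTs the
// payload to the victim site and submits itself, so no click is required.
// The attacker must entity-encode the payload inside the value attribute; the
// browser decodes it again before sending, so the server receives it raw.
function buildAttackerPage(targetUrl, payload) {
  return [
    `<form id="f" method="POST" action="${escapeHtml(targetUrl)}">`,
    `  <input type="hidden" name="localeCountry" value="${escapeHtml(payload)}">`,
    `</form>`,
    `<script>document.getElementById("f").submit();</script>`,
  ].join("\n");
}

// Crude regression check for a unit test: a script tag in the rendered
// markup that the template itself never emits means the reflection is live.
function containsInjectedScript(html) {
  return /<script[\s>]/i.test(html);
}

// Stand-alone demonstration.
console.log("vulnerable:", renderVulnerable(PAYLOAD));
console.log("hardened:  ", renderSafe(PAYLOAD));
console.log(buildAttackerPage("https://victim.example/locale", PAYLOAD));
```

Note that the attacker page also has to encode the payload correctly in order to deliver it; the difference between the two sides is not whether encoding happens but where, and the vulnerable handler skips it at exactly the point where the value re-enters HTML.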