TryHackMe: DOM-Based XSS
#cybersecurity#tutorial#learning#productivity
Sean Lee

Sean Lee @seanleeys

About: An ambitious cybersecurity student. Interested in all things cybersecurity. 💡 Motto: “Know the attack to build the defence.”

Joined:
Mar 10, 2025

TryHackMe: DOM-Based XSS

Publish Date: Mar 18
0 0

Which sinks can lead to DOM-XSS vulnerabilities?

The following are some of the main sinks that can lead to DOM-XSS vulnerabilities:

document.write()
document.writeln()
document.domain
element.innerHTML
element.outerHTML
element.insertAdjacentHTML
element.onevent
Enter fullscreen mode Exit fullscreen mode

The following jQuery functions are also sinks that can lead to DOM-XSS vulnerabilities:

add()
after()
append()
animate()
insertAfter()
insertBefore()
before()
html()
prepend()
replaceAll()
replaceWith()
wrap()
wrapInner()
wrapAll()
has()
constructor()
init()
index()
jQuery.parseHTML()
$.parseHTML()
Enter fullscreen mode Exit fullscreen mode

Comments 0 total

    Add comment