原始文本 - 英语 - DOM based Cross-site Scripting vulnerabilities...

To exploit this vulnerability, the attacker sends a link to the victim;


The domxsspage.html would contain code like the below:



The code can be activated either automatically or by user interaction. When the victim is transferred to the vulnerable page, the code from the attacker will be executed in the context of the page. This vector i