You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What steps will reproduce the problem?
1. Load URL http://cloudscan.org
2. Script Code from document.location executes via DOM manipulation by
innerHTML property in https://a12.alpha.godaddy.com
3. Can also use DOMinator from OWASP to see same, Acunetix etc..
What is the expected output? What do you see instead?
Expected to fingerprint DOM-XSS in document.location path part at innerHTML and
also vuln are location.ToString and referrer.
What version of the product are you using? On what operating system?
I am using Windows 2008 R2 Server 64bit with Chrome 12.0.742.122 and
the download for DOMSnitch.. great tool!
This is a False Negative report on the assumption that is should be
fingerprinting on innerHTML.. but perhaps I am reading your spec wrong.
Sorry of this is noise...
Original issue reported on code.google.com by [email protected] on 22 Jul 2011 at 2:44
The text was updated successfully, but these errors were encountered:
Original issue reported on code.google.com by
[email protected]on 22 Jul 2011 at 2:44The text was updated successfully, but these errors were encountered: