Document Object Model Based Cross Site Scripting is an XSS attack. In this vulnerability, the attack payload is executed as a result of modifying the Document Object Model environment in the victim’s browser. The old versions of WordPress allows remote attackers to inject malicious JavaScript code. This code exploits the Document Object Model based cross site scripting vulnerability. Here, the attacker sends an E-mail to the website users with a link. This link is used to exploit the vulnerability. It triggers a script that steals the user’s cookie. The other method is to post a link as comments in social media platforms.
Example
The following is the example code
Select your language:
<select><script>
document.write("<OPTION value=1>"+document.location.href.substring(document.location.href.indexOf("default=")+8)+"</OPTION>");
document.write("<OPTION value=2>English</OPTION>");
</script></select>
…
The above code can be invoked by:-
http://www.some.site/page.html?default=French
A Document Object Model Cross Site Scripting attack can be accomplished by sending the below link to a possible victim.
http://www.some.site/page.html?default=<script>alert(document.cookie)</script>
Impact
The impact include:-
- Cross-site scripting.
- Possible data breach.
Mitigation / Precaution
This vulnerability can be fixed by:-
- Upgrading the WordPress to latest version.
