Document Object Model Cross Site Scripting on WordPress

OWASP 2013-A3 OWASP 2017-A7 OWASP PC-C4 PCI v3.2- CAPEC-19 CWE-79 HIPAA-79 ISO27001-A.14.2.5 WASC-8 WSTG-CLNT-01

Document Object Model Based Cross Site Scripting is an XSS attack. In this vulnerability, the attack payload is executed as a result of modifying the Document Object Model environment in the victim’s browser. The old versions of WordPress allows remote attackers to inject malicious JavaScript code. This code exploits the Document Object Model based cross site scripting vulnerability. Here, the attacker sends an E-mail to the website users with a link. This link is used to exploit the vulnerability. It triggers a script that steals the user’s cookie. The other method is to post a link as comments in social media platforms.

Example

The following is the example code

Select your language:

        <select><script>
        
        document.write("<OPTION value=1>"+document.location.href.substring(document.location.href.indexOf("default=")+8)+"</OPTION>");
        
        document.write("<OPTION value=2>English</OPTION>");
        
        </script></select>
        

    

The above code can be invoked by:-

http://www.some.site/page.html?default=French

A Document Object Model Cross Site Scripting attack can be accomplished by sending the below link to a possible victim.

        http://www.some.site/page.html?default=<script>alert(document.cookie)</script>

    

Impact

The impact include:-

  • Cross-site scripting.
  • Possible data breach.

Mitigation / Precaution

This vulnerability can be fixed by:-

  • Upgrading the WordPress to latest version.

Latest Articles