1

A scan with Burp has identified a DOM-Based cross-site scripting vulnerability.

The only script with a sink is the following.

Do you think it's a false positive? (Can I make it more secure in some way?)

var sPageURL = window.location.pathname; var urlParts = sPageURL.split('/'); var page = urlParts[urlParts.length - 1]; var elem = $("a[href!=\\#]").filter(function () { //console.log(this.href + ' ' + this.href.toLowerCase().indexOf(page.toLowerCase())); return ((this.href.toLowerCase().indexOf(page.toLowerCase()) > 0) && (this.href.indexOf('#') < 0)); });

Then elem is used only to set a class on its parent, the following way:

elem.parent().addClass("active"); elem.parent().closest("li.treeview").addClass("active");
Improve this question
2
  • How does elem get used?
    – Gray
    CommentedMay 29, 2020 at 22:46
  • @Gray you're right, it's fundamental to define how it is used. I've added in the question. Thanks
    – Giox
    CommentedJun 1, 2020 at 7:17

1 Answer 1

Reset to default
2

Even if page could be whatever you want, its only use is to match other links on the page to add the active class.

The worst thing you could do would be setting all links in the page as active.

In my opinion, this doesn't count as a XSS vulnerability since no malicious code would be executed.

Improve this answer

    You must log in to answer this question.

    Start asking to get answers

    Find the answer to your question by asking.

    Ask question

    Explore related questions

    See similar questions with these tags.