⚰️DOM-based XSS

Lab: DOM XSS in document.write sink using source location.search

We can see that the search input is written into an img tag:

We now need to break out of the img tag, then use an onload handler:

"><svg onload=alert(1)>

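Why the payload above works, and how the sink can be hardened, as an added example (not code from the lab or from these notes). The tracker image path and all function names are assumptions, and the document.write call is modelled as string-building functions so the block runs in Node without a browser.

```javascript
// Assumed image path; the lab page's real markup is not shown in these notes.
const TRACKER = "/resources/images/tracker.gif?searchTerms=";

// Vulnerable pattern: the decoded query value is concatenated straight into
// the markup that would then be passed to document.write().
function renderVulnerable(search) {
  const query = new URLSearchParams(search).get("search") ?? "";
  return '<img src="' + TRACKER + query + '">';
}

// HTML-escape a value for use inside a double-quoted attribute.
function escapeAttr(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return value.replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened pattern: URL-encode for the query-string context, then
// attribute-escape the whole URL for the HTML context. In a browser, building
// the element with createElement/setAttribute avoids document.write entirely.
function renderHardened(search) {
  const query = new URLSearchParams(search).get("search") ?? "";
  return '<img src="' + escapeAttr(TRACKER + encodeURIComponent(query)) + '">';
}

// Rough check for review or tests: which tags does the generated markup open?
// Anything other than a single "img" means the input escaped its attribute.
function openedTags(html) {
  return [...html.matchAll(/<([a-zA-Z][a-zA-Z0-9]*)/g)].map((m) => m[1].toLowerCase());
}

// Constructed input: the payload from these notes as it would appear,
// URL-encoded, in location.search.
const sample = "?search=" + encodeURIComponent('"><svg onload=alert(1)>');

console.log(renderVulnerable(sample));
console.log(openedTags(renderVulnerable(sample))); // img and svg
console.log(renderHardened(sample));
console.log(openedTags(renderHardened(sample)));   // img only
```

The quote closes the src attribute and the > closes the img tag, which is why the vulnerable output opens a second element; the hardened output keeps the whole value inside src.
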
Lab: DOM XSS in document.write sink using source location.search inside a select element
