Support Center

Burp Community

See what our users are saying about Burp Suite:

How do I?

New Post View All

Feature Requests

New Post View All

Burp Extensions

New Post View All

Bug Reports

New Post View All
Documentation

Burp Suite Documentation

Take a look at our Documentation section for full details about every Burp Suite tool, function and configuration option.

Full Documentation Contents Burp Projects
Suite Functions Burp Tools
Options Using Burp Suite
Extensibility

Burp Extender

Burp Extender lets you extend the functionality of Burp Suite in numerous ways.

Extensions can be written in Java, Python or Ruby.

API documentation Writing your first Burp Suite extension
Sample extensions View community discussions about Extensibility
Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Potential False Positive DOM Based XSS - 2

Ozgur Alp Apr 14, 2018 09:07AM UTC

Hi,

Burp reported this below lines as Dom Based XSS vulnerability with Severity: High, Confidence: Firm. I didn't find a way to exploit this lines within a scenario since document.body.classList.add function is used only for creating body tags within class name. (E.g. on the inspector result is <body class="PAYLOAD">). Since this function is escaped characters like " and > there is no way to get outside of the " characters and class attribute. How can this type of XSS vulnerability be exploited, or is it a false positive?

var parts = location.search.split('=');
var part = parts[1];
document.body.classList.add(part);

Best regards,
Ozgur


Paul Johnston Apr 16, 2018 08:27AM UTC Support Center agent

Hi Ozgur,

Thanks for getting in touch. Yes, this finding looks like a false positive to me. We have a rule for add() because the jQuery add function is an XSS sink. However classList.add is not a sink.

Please let us know if you need any further assistance.


Post Your public answer

Your name
Your email address
Answer