TS DOM Stored XSS
Description
Detects DOM-based stored Cross-Site Scripting (XSS) vulnerabilities where untrusted data is unsafely stored and later rendered to the DOM. This can allow attackers to inject and execute malicious JavaScript code in victim browsers through persistent storage mechanisms.
Detection Strategy
• Check for calls to DOM manipulation functions like innerHTML, outerHTML, or document.write
• Verify if the values being assigned to these DOM functions come from untrusted or user-controllable sources
• Analyze if the values are properly sanitized before being used in DOM operations
• Look for member access operations that modify HTML content directly
• Flag cases where unsanitized data from storage (like localStorage or IndexedDB) is rendered to the DOM
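The strategy above can be sketched as a small line-based taint check. This is an added example, not the scanner's own code: `findStoredXss` and `isTainted` are hypothetical names, only `localStorage.getItem` is treated as a source, and any expression that passes through `DOMPurify.sanitize` is assumed clean.

```javascript
// Added example: simplified, line-based taint check (not a real scanner's engine).
const SOURCE = /\blocalStorage\.getItem\s*\(/;        // untrusted storage read
const SANITIZER = /\bDOMPurify\.sanitize\s*\(/;       // assumed to clean its argument
const SINK_ASSIGN = /\.(innerHTML|outerHTML)\s*\+?=(?!=)\s*(.+)$/;
const SINK_CALL = /\b(document\.write(?:ln)?)\s*\((.*)\)/;
const ASSIGN = /^\s*(?:(?:const|let|var)\s+)?([A-Za-z_$][\w$]*)\s*(?::[^=]+)?=(?!=)\s*(.+)$/;

// An expression is tainted if it reads storage directly or mentions a tainted variable.
function isTainted(expr, tainted) {
  if (SANITIZER.test(expr)) return false;
  if (SOURCE.test(expr)) return true;
  const bare = expr.replace(/(["'])(?:\\.|(?!\1).)*\1/g, ""); // ignore string literals
  return (bare.match(/[A-Za-z_$][\w$]*/g) || []).some((id) => tainted.has(id));
}

function findStoredXss(source) {
  const tainted = new Set();
  const findings = [];
  source.split("\n").forEach((text, i) => {
    const code = text.replace(/(^|\s)\/\/.*$/, "");    // drop line comments
    const sink = code.match(SINK_ASSIGN) || code.match(SINK_CALL);
    if (sink) {
      if (isTainted(sink[2], tainted)) findings.push({ line: i + 1, sink: sink[1] });
      return;
    }
    const assign = code.match(ASSIGN);
    if (!assign) return;
    // Propagate taint through assignments; a clean reassignment clears it.
    if (isTainted(assign[2], tainted)) tainted.add(assign[1]);
    else tainted.delete(assign[1]);
  });
  return findings;
}

// Constructed sample input (TypeScript source as text).
const SAMPLE = [
  'const storedData = localStorage.getItem("userContent");',
  'document.write(storedData);',                       // flagged
  'const html: string = "<p>" + storedData + "</p>";',
  'panel.innerHTML = html;',                           // flagged (taint propagated)
  'const clean = DOMPurify.sanitize(storedData);',
  'panel.innerHTML = clean;',                          // sanitized, not flagged
  'label.textContent = storedData;',                   // safe sink, not flagged
].join("\n");

console.log(findStoredXss(SAMPLE));
```

A production rule works on the parsed syntax tree and follows data flow across functions and files; this sketch only shows the source, propagation, sanitizer and sink steps on straight-line code.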
Vulnerable code example
// Retrieve data from persistent storage
const storedData = localStorage.getItem("userContent");
// VULNERABLE: Directly writing untrusted data to DOM
document.write(storedData); // Data from localStorage rendered as HTML without sanitization
✅ Secure code example
// Retrieve data from persistent storage
const storedData = localStorage.getItem("userContent");
// SAFE: Using textContent to prevent XSS - content is treated as plain text, not HTML
const container = document.createElement('div');
container.textContent = storedData;
document.body.appendChild(container);
// Alternative approach using DOMPurify if HTML rendering is required:...