DOM-based XSS vulnerabilities are more similar to reflected than to stored
XSS bugs. Their exploitation typically involves an attacker inducing a user to
access a crafted URL containing malicious code, and it is the server’s response
to that specific request that causes the malicious code to be executed. How-
ever, in terms of the details of exploitation, there are important differences
between reflected and DOM-based XSS, which we will examine shortly.
Do'stlaringiz bilan baham: