What is the difference between self XSS and reflected XSS? If I find an XSS vulnerability, how do I know whether it is self XSS or reflected XSS? I have tried reading a lot of articles on Google but am still confused. Thanks in advance!
asked May 26, 2020 at 19:08 by Bhuvesh Gupta
- security.stackexchange./questions/65142/… – Taplar Commented May 26, 2020 at 19:11
- @Taplar Thanks for the reference. I had referred to this link before too. It mainly talks about Reflected XSS and Stored XSS. I am looking for Reflected XSS vs Self XSS. :) – Bhuvesh Gupta Commented May 26, 2020 at 20:23
- What are you calling "Self XSS"? – Taplar Commented May 27, 2020 at 14:09
2 Answers
Reflected XSS occurs when user input included in the URL is reflected in the page source unescaped.
Now, a lot of things can be user input, such as your input in a search form or the URL itself. An example is
https://vulnerable./<script>alert(1)</script>
Let's say that after visiting the URL you check the page source in your browser and you see <script>alert(1)</script>
somewhere in the page source. This is a reflected XSS and can be used to exploit other users, since anyone who visits that link will have the XSS fired and their cookies stolen if they lack the HttpOnly flag.
Self XSS
Self XSS is an XSS that executes in the context of the user who submits the payload. Say a web app has a profile function, and in the profile function you have an option to specify a nickname. Now, in this web app you can't view other users' profiles, meaning there is no way to make another user view your profile. Most bank apps are like this. Now, if the nickname parameter is vulnerable to XSS, the XSS here would be self XSS, because only you can view your user profile and the XSS will only execute in your own context. You can agree that stealing your own cookies isn't of any impact.

Reflected XSS vulnerabilities typically refer to links that you can trick people into clicking - if the user follows them then the JavaScript is executed, e.g. https://www.example./example?search=<script>alert(1);</script>
Self XSS vulnerabilities typically require the user to type something in, such as putting <script>alert(1);</script>
in a form field where the value is not populated from a URL or form parameter. So you can only impact yourself with self XSS vulnerabilities unless you have a really gullible user :)
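
The distinction drawn in the answers above, as an added example that is not part of either answer: a triage check that asks whether the probe reaches the HTML unescaped when it is delivered by a link alone (reflected) or only when the user types it in (self), with an output-encoded version of the same page for comparison. The pages, function names and URL are constructed for illustration.

```javascript
// Added example; every name and URL here is hypothetical.
const PROBE = '<script>alert(1)</script>'; // the harmless marker used on this page

// Output encoding for an HTML text context.
const escapeHtml = (s) => String(s).replace(/[&<>"']/g, (c) => (
  { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' }[c]));

// Constructed page A: echoes the ?search= URL parameter without escaping.
function searchPage({ url }) {
  const q = new URL(url).searchParams.get('search') ?? '';
  return `<h1>Results for ${q}</h1>`;
}

// Constructed page B: echoes only what the user typed into a nickname
// field; nothing is populated from the URL.
function nicknamePage({ typed = '' }) {
  return `<p>Your nickname: ${typed}</p>`;
}

// Page A with encoding applied at the sink.
function searchPageHardened({ url }) {
  const q = new URL(url).searchParams.get('search') ?? '';
  return `<h1>Results for ${escapeHtml(q)}</h1>`;
}

// Triage: which delivery path puts the probe into the HTML unescaped?
function classify(page, baseUrl) {
  const link = new URL(baseUrl);
  link.searchParams.set('search', PROBE);
  // 1. Link only: the visitor opens the URL and types nothing.
  if (page({ url: link.href, typed: '' }).includes(PROBE)) return 'reflected';
  // 2. Clean URL: the probe appears only if the user types it in.
  if (page({ url: baseUrl, typed: PROBE }).includes(PROBE)) return 'self';
  return 'not vulnerable';
}

const BASE = 'https://app.example.test/page'; // constructed URL
console.log(classify(searchPage, BASE));
console.log(classify(nicknamePage, BASE));
console.log(classify(searchPageHardened, BASE));
```

Both vulnerable pages have the same root cause, a missing output encoding, so the fix is the same; the classification only changes who can be made to trigger it.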