This article details a security researcher’s discovery of a DOM-based XSS vulnerability involving reflection and unvalidated user input within a web application. Exploiting this flaw enabled token exfiltration and complete account takeover via SSO, highlighting the importance of input validation.
Key points
- A reflection of the returnUrl parameter led to a DOM-based XSS vulnerability.
- The XSS was exploited to exfiltrate user cookies and tokens from the browser.
- Tokens retrieved through XSS enabled authentication bypass and account takeover.
- The vulnerability exploited the application’s insecure handling of URL parameters and data attributes.
- Early reporting and patching mitigated the risk of widespread damage from the flaw.
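The input validation the key points call for, sketched as an added example (not code from the article or the affected application): a `returnUrl` value is accepted only as a same-origin rooted path, normalised, and written to the DOM through `setAttribute` rather than string-built HTML. The helper names, the `data-return-url` attribute and the `/` fallback are assumptions.

```javascript
// Added example. safeReturnUrl/applyReturnUrl, the "/" fallback and the
// data-return-url attribute are hypothetical; the article shows no code.
const FALLBACK = "/";

// Return a normalised same-origin path for `raw`, or FALLBACK if it is unsafe.
function safeReturnUrl(raw, appOrigin) {
  if (typeof raw !== "string" || raw.length === 0) return FALLBACK;
  // Control characters and backslashes are rewritten by browser URL parsing,
  // so reject them before they can change what the value means.
  if (/[\u0000-\u001f\u007f\\]/.test(raw)) return FALLBACK;
  // Only rooted paths: this excludes javascript:, data:, absolute URLs and
  // protocol-relative "//host" values.
  if (!raw.startsWith("/") || raw.startsWith("//")) return FALLBACK;
  let url;
  try {
    url = new URL(raw, appOrigin);
  } catch {
    return FALLBACK;
  }
  if (url.origin !== appOrigin) return FALLBACK;
  // Re-serialise from parsed parts so quotes and angle brackets come back
  // percent-encoded instead of as raw markup characters.
  const out = url.pathname + url.search + url.hash;
  // Dot-segment removal can leave a leading "//" (e.g. "/..//host").
  return out.startsWith("//") ? FALLBACK : out;
}

// Write the validated value through attribute APIs, never via innerHTML or
// string concatenation into markup.
function applyReturnUrl(link, raw, appOrigin) {
  const target = safeReturnUrl(raw, appOrigin);
  link.setAttribute("href", target);
  link.setAttribute("data-return-url", target);
  return target;
}
```

Validating on the server before redirecting is still required; this covers only the client-side sink.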