Statements (22)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:security
|
| gptkbp:affects |
web applications
|
| gptkbp:alsoKnownAs |
gptkb:DOM_XSS
|
| gptkbp:cause |
data theft
session hijacking arbitrary code execution |
| gptkbp:causedBy |
improper handling of user input in the DOM
|
| gptkbp:compatibleWith |
server-side code injection
|
| gptkbp:describedBy |
gptkb:OWASP_XSS_documentation
|
| gptkbp:exploits |
client-side JavaScript
|
| gptkbp:firstDescribed |
2005
|
| gptkbp:mitigatedBy |
input validation
output encoding using safe JavaScript APIs |
| gptkbp:partOf |
gptkb:cross-site_scripting
|
| gptkbp:requires |
malicious input reflected in the DOM
|
| gptkbp:bfsParent |
gptkb:cross-site_scripting
gptkb:Cross-site_scripting_(XSS) gptkb:XSS_(Cross-site_scripting) gptkb:cross-site_scripting_(XSS) |
| gptkbp:bfsLayer |
6
|
| https://www.w3.org/2000/01/rdf-schema#label |
DOM-based XSS
|