Stored XSS on Angular JS 1.4.9

  1. BurpSuite

  1. Go to <user_account>/UsefulLinks/. There are two fields: one is Website Name and the other is URL.
  2. Here, URL is the vulnerable parameter.
    (When we simply put the payload in the URL field, the website rejects it, but only on the client side: it shows an error. When we send the same payload through Burp Suite, it is not validated, which means the payload is validated only on the client side.)
  3. In Website Name, type anything, for example “XSS”, and in the URL field put a URL like
  4. Click Submit and capture this request in Burp Suite. In Burp Suite, replace the URL which is to javascript:confirm(“Stored_XSS”);
Vulnerable Field
<div class="col-sm-12 form-group">
  <label class="col-sm-5 control-label no-padding-right" for="UL_URL">URL<span class="red">*</span></label>
  <div class="col-sm-4">
    <input id="UL_URL" name="UL_URL" class="form-control required" placeholder="http://" type="text" value="http://"><span></span>
  </div>
</div>
Burp Screenshot
Trigger XSS
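
The steps above show that the UL_URL value is checked only in the browser, so the same rule has to be enforced where the request is received. The following is an added example, not code from the tested application or from the original write-up: a server-side scheme allow-list built on Node's built-in URL parser. The function name, the length limit and the sample inputs are assumptions.

```javascript
// Added example; validateLinkUrl, ALLOWED_SCHEMES and MAX_URL_LENGTH are
// hypothetical names, not taken from the tested application.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);
const MAX_URL_LENGTH = 2048; // assumed limit

function validateLinkUrl(raw) {
  if (typeof raw !== "string" || raw.length === 0 || raw.length > MAX_URL_LENGTH) {
    return { ok: false, reason: "missing or oversized value" };
  }
  let parsed;
  try {
    // The WHATWG parser normalizes the way a browser does for href: it trims
    // surrounding whitespace, drops embedded tabs/newlines and lowercases the
    // scheme, so "JaVaScRiPt:" and "java\tscript:" cannot slip past the check.
    parsed = new URL(raw);
  } catch {
    // Relative values, bare hostnames and the empty "http://" placeholder land here.
    return { ok: false, reason: "not an absolute URL" };
  }
  if (!ALLOWED_SCHEMES.has(parsed.protocol)) {
    return { ok: false, reason: `scheme ${parsed.protocol} not allowed` };
  }
  // Store the normalized form, never the raw string.
  return { ok: true, url: parsed.href };
}

// Constructed sample values for the UL_URL field.
const samples = [
  "https://example.com/docs?id=1",
  "HTTP://Example.COM",
  "http://",
  "example.com",
  'javascript:confirm("Stored_XSS");',
  "  JaVaScRiPt:confirm(1)",
  "java\tscript:confirm(1)",
  "data:text/html,hello",
];
for (const value of samples) {
  const result = validateLinkUrl(value);
  console.log(JSON.stringify(value), "->", result.ok ? result.url : `rejected: ${result.reason}`);
}
```

The check belongs in the request handler that stores the link; the template that renders it should still encode the value on output.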

Penetration Tester, Bug Bounty Hunter, Security Researcher

Vishal Bharad