Leveraging Reflected XSS

Thexssrat
4 min read · Oct 25, 2021

Introduction

In this day and age, you really cannot come barging in with an alert(1) anymore when reporting a reflected XSS bug. It may seem hard, but leveraging XSS is a process that can only increase the severity of our bug, so we only have things to gain from it. But exactly how do we leverage this issue type, and what can we gain from it?

This article keeps bug bounties in the back of our minds, where certain exploits might not be accepted as valid reports. You also have to know that XSS in an application where all information is supposed to be public is likely not to get accepted, so you should probably not look for XSS on those types of programs.

Stealing cookies is so 2002

The first thing that often springs to mind when talking about XSS is stealing cookies. While this is a very effective and impactful method, it seems every developer and their grandmother knows about the HttpOnly flag that can be set on a cookie these days. We usually want to steal a session cookie, and if we are in luck, we might find the value of the session cookie reflected on the page somewhere, but this does not happen often at all, and it's best to count on other techniques to raise the impact of your XSS attack.
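From the defending side, both conditions in the paragraph above can be checked on any captured response: is the session cookie missing HttpOnly, and does the response body echo its value, which would make the flag moot? The sketch below is an added example, not code from the original article; the cookie names in `SESSION_NAMES`, the 8-character minimum and the sample response are assumptions constructed for illustration.

```python
import html
from urllib.parse import quote, unquote

# Assumed session cookie names; adjust to the application under review.
SESSION_NAMES = {"session", "sid", "sessionid"}

def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, set of lowercase attribute names)."""
    first, *attrs = header.split(";")
    name, _, value = first.strip().partition("=")
    flags = {a.strip().split("=", 1)[0].lower() for a in attrs if a.strip()}
    return name, value.strip('"'), flags

def audit_response(set_cookie_headers, body):
    """Return (cookie name, finding) pairs for session cookies in one HTTP response."""
    findings = []
    for header in set_cookie_headers:
        name, value, flags = parse_set_cookie(header)
        if name.lower() not in SESSION_NAMES:
            continue
        if "httponly" not in flags:
            findings.append((name, "missing HttpOnly"))
        # HttpOnly does not help if the page itself echoes the value, so look
        # for the raw, URL-decoded, URL-encoded and HTML-escaped forms.
        forms = {value, unquote(value), quote(value, safe=""), html.escape(value)}
        # Skip very short values to avoid matching ordinary page text.
        if len(value) >= 8 and any(f in body for f in forms):
            findings.append((name, "value reflected in response body"))
    return findings

# Constructed sample response (not captured from a real application).
SAMPLE_HEADERS = [
    "session=9f2c7a1e5b8d4c3f; Path=/; Secure; HttpOnly",
    "sid=ab12cd34ef56ab78; Path=/",
    "theme=dark; Path=/",
]
SAMPLE_BODY = '<form><input type="hidden" name="token" value="9f2c7a1e5b8d4c3f"></form>'

if __name__ == "__main__":
    for name, finding in audit_response(SAMPLE_HEADERS, SAMPLE_BODY):
        print(f"{name}: {finding}")
```

A "value reflected" finding on a cookie that does carry HttpOnly is the case to fix first: the flag is set, yet any script running in the page can still read the session value from the DOM.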
