Security Test: XSS via Domain Takeover¶
Description¶
Default Severity:
This vulnerability happens when an attacker takes control of a trusted domain—often due to misconfigurations, outdated services, or DNS issues—and uses it to inject harmful scripts into web pages. When users visit these pages, the malicious code runs automatically, which can lead to stolen credentials, hijacked sessions, or other forms of data theft. Developers often fall into traps like neglecting to properly secure external or legacy domains, or failing to monitor DNS configurations regularly. This attack is especially dangerous because it doesn't require users to click or interact, and it exploits the trust users have in a valid-looking domain.
Configuration¶
Identifier:
configuration/xss_via_domain_takeover
Examples¶
All configuration available:
Compliance and Standards¶
| Standard | Value |
|---|---|
| OWASP API Top 10 | API8:2023 |
| OWASP LLM Top 10 | LLM05:2023 |
| PCI DSS | 6.1 |
| GDPR | Article-32 |
| SOC2 | CC9 |
| PSD2 | Article-95 |
| ISO 27001 | A.12.6 |
| NIST | SP800-81-2 |
| FedRAMP | SC-20 |
| CWE | 284 |
| CVSS Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
| CVSS Score | 3.0 |