Configuration: XSS via Domain Takeover

Identifier: xss_via_domain_takeover

Scanner(s) Support

- GraphQL Scanner
- REST Scanner
- WebApp Scanner

Description

This vulnerability happens when an attacker takes control of a domain the application trusts (often because of misconfigurations, outdated services, or DNS issues, such as a record that still points at a decommissioned host) and uses that domain to inject harmful scripts into web pages. When users visit these pages, the malicious code runs automatically, which can lead to stolen credentials, hijacked sessions, or other forms of data theft. Developers often fall into traps such as neglecting to properly secure external or legacy domains, or failing to monitor DNS configurations regularly. This attack is especially dangerous because it does not require users to click or interact, and it exploits the trust users place in a valid-looking domain.
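The check below is an added illustration of the defensive side of this description; it is not the scanner's own implementation, whose logic is not shown on this page. It parses a page for cross-origin `<script src>` references and classifies each one: a host that no longer resolves is a dangling reference (the pattern behind a domain takeover), a host without a Subresource Integrity hash would silently accept a changed script, and a host with an SRI hash is pinned. The sample HTML, the hostnames, and the `fake_resolver` lookup table are constructed for the example so it runs offline; `live_resolver` is the drop-in for a real DNS check.

```python
"""Audit a page's external script references for domain-takeover exposure.

Added example, not the scanner's code. The resolver is injected so the
check can run against constructed data without network access.
"""
import socket
from html.parser import HTMLParser
from urllib.parse import urlparse


class _ScriptCollector(HTMLParser):
    """Collect the attributes of every <script> tag that carries a src."""

    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "script":
            return
        attr_map = {name.lower(): value for name, value in attrs}
        if attr_map.get("src"):
            self.scripts.append(attr_map)


def live_resolver(host):
    """Real DNS check: True if the host currently resolves to an address."""
    try:
        socket.gethostbyname(host)
        return True
    except socket.gaierror:
        return False


def audit_external_scripts(html, page_host, resolver=live_resolver):
    """Classify cross-origin <script src> references found on one page.

    Risk levels returned in each finding:
      dangling - host does not resolve; if the name can be registered again,
                 whoever controls it serves script into this page
      unpinned - host resolves but the tag has no SRI hash, so a later
                 takeover of that host changes the script unnoticed
      pinned   - SRI hash present (with crossorigin, as SRI requires for
                 cross-origin loads); a substituted script fails the check
    """
    collector = _ScriptCollector()
    collector.feed(html)
    findings = []
    for attrs in collector.scripts:
        host = urlparse(attrs["src"]).hostname  # handles https:// and // forms
        if not host or host.lower() == page_host.lower():
            continue  # same-origin script; not a takeover concern here
        resolves = resolver(host)
        has_sri = bool(attrs.get("integrity"))
        if not resolves:
            risk = "dangling"
        elif not has_sri:
            risk = "unpinned"
        else:
            risk = "pinned"
        findings.append(
            {"host": host, "resolves": resolves, "sri": has_sri, "risk": risk}
        )
    return findings


# Constructed sample page: one same-origin script, one pinned CDN script,
# one external script without SRI, and one reference to a retired host.
SAMPLE_HTML = """
<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.example.net/lib.js"
        integrity="sha384-PLACEHOLDER_HASH" crossorigin="anonymous"></script>
<script src="//old-assets.example.org/legacy.js"></script>
<script src="https://retired-cdn.example.com/widget.js"></script>
</head><body></body></html>
"""

# Constructed stand-in for DNS: only these hosts "resolve".
FAKE_DNS = {"cdn.example.net", "old-assets.example.org"}


def fake_resolver(host):
    return host in FAKE_DNS


if __name__ == "__main__":
    for finding in audit_external_scripts(SAMPLE_HTML, "www.example.com", fake_resolver):
        print(f'{finding["risk"]:9} {finding["host"]}')
```

Run against a live site, swap `fake_resolver` for the default `live_resolver`; a `dangling` result is the thing to chase first, since it means the page already trusts a name nobody currently controls.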

Configuration

Example

Example configuration:

---
security_tests:
  xss_via_domain_takeover:
    assets_allowed:
    - REST
    - GRAPHQL
    - WEBAPP
    skip: false

Reference

assets_allowed

Type: List[AssetType]*

List of assets that this check will cover.

skip

Type: boolean

Skip the test if true.