Hello all, this is my first blog post in English and my first blog post in the last 3 years, so be nice :)
Recently I found a very interesting DOM-based XSS in one of Pingdom's services.
The service is Pingdom Website Speed Test.
I'm certain all of you have used it at some point. What makes it interesting, you may ask? Well, the input that was later executed in the DOM was a site's response header.
The following header was used for testing purposes:
Frankly, I was really surprised when the payload executed on mouse-over.
Here is a video:
This issue was reported and Pingdom deployed a fix: data taken from the tested site's response headers is now inserted into the DOM as text nodes, which the browser does not parse as markup.
So remember: you can find XSS by testing strange and unexpected inputs. Stay safe!
Note: I use a dark Firefox theme because white hurts my eyes, not because I'm some u83r l33t h4xor :P
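To make the difference between the bug and the fix concrete, here is an added example (my own illustration, not Pingdom's code) of how a page that displays a scanned site's response headers might render them. The header list, the `X-Test` value and the function names are all constructed for this example; the mouse-over markup in the sample value stands in for whatever the original header contained. It shows the vulnerable string-concatenation pattern, the escaped variant, and the text-node approach the fix used.

```javascript
// Added example (not Pingdom's code): three ways a speed-test page could
// render a scanned site's response headers, and why only the text-node
// approach is safe by construction.

// Constructed sample: headers as a scanner might capture them. The X-Test
// value carries markup with an event handler, mirroring the mouse-over
// trigger described in the post. It is untrusted data, nothing more.
const SAMPLE_HEADERS = [
  ['Content-Type', 'text/html; charset=utf-8'],
  ['X-Test', '<span onmouseover="alert(1)">hover me</span>'],
];

// Vulnerable pattern: header values are concatenated into an HTML string
// that is later assigned to innerHTML. The browser parses the value as
// markup, so the span and its onmouseover handler become live DOM.
function renderHeadersUnsafe(headers) {
  return headers
    .map(([name, value]) => `<tr><td>${name}</td><td>${value}</td></tr>`)
    .join('');
}

// Minimal HTML entity escaping for the string-building case. '&' is
// replaced first so the entities produced by later replacements are not
// escaped twice. This covers text between tags; attribute values also
// need consistent quoting.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Mitigated string-building: every untrusted value is escaped before it
// is placed into markup. Correct, but it relies on nobody forgetting a call.
function renderHeadersEscaped(headers) {
  return headers
    .map(([name, value]) =>
      `<tr><td>${escapeHtml(name)}</td><td>${escapeHtml(value)}</td></tr>`)
    .join('');
}

// Preferred fix, and the approach the post says Pingdom adopted: build the
// rows with DOM APIs and put header data into text nodes. A text node is
// never parsed as markup, so there is no escaping step to forget. `doc` is
// a parameter (assumption for this example) so the function can be
// exercised outside a browser.
function renderHeadersAsTextNodes(container, headers, doc = globalThis.document) {
  for (const [name, value] of headers) {
    const row = doc.createElement('tr');
    for (const cell of [name, value]) {
      const td = doc.createElement('td');
      td.appendChild(doc.createTextNode(cell));
      row.appendChild(td);
    }
    container.appendChild(row);
  }
  return container;
}

// Stand-alone demonstration of the two string-building variants.
console.log('unsafe  :', renderHeadersUnsafe(SAMPLE_HEADERS));
console.log('escaped :', renderHeadersEscaped(SAMPLE_HEADERS));
```

In a browser you would call `renderHeadersAsTextNodes(document.querySelector('tbody'), headers)` and never touch `innerHTML` with header data at all; the escaped variant is shown only to contrast it with the text-node fix, which removes the whole class of "forgot to escape one field" mistakes.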