Feedback: AST: DAST Support for XSS (CWE-79)
Summary
The Dynamic Analysis group has added support for XSS (CWE-79). Specifically, this work introduces support for Reflected XSS attacks. Additional XSS attack types will be introduced in the future.
This introduces a significant addition to our DAST scanner. Because of this we have opted to put this feature behind a feature flag so users can optionally turn on this DAST check.
The purpose of this issue is to gather feedback on this support and directly answer questions relating to this functionality.
Please leave a comment below with any questions, feedback, or concerns relating to this new DAST check.
Reflected XSS
A Reflected XSS attack occurs when an application is provided data via HTTP request and subsequently includes that data within the immediate response in an unsafe manner, rather than storing it on a server.
In a reflected XSS attack, a malicious actor can control a script running in the target user's browser, which ultimately compromises that user. This gives the attacker undesirable control of the user's browser within a given application, which can allow them to:
- Control the application on behalf of the user
- View the application from the user's perspective
- Alter information that is accessible to the user
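To make the definition above concrete, here is an added example (not code from GitLab or the DAST scanner) with a hypothetical search endpoint in its reflecting and hardened forms, plus a minimal reflection check of the kind a DAST scanner performs: submit a unique canary value in the `q` parameter and classify the response by whether the value comes back at all and, if so, whether it comes back unencoded. The endpoint, the URL, the canary string and the function names are all assumptions for illustration.

```python
import html
from urllib.parse import parse_qs, quote, urlparse

# Hypothetical search endpoint in two variants: the reflecting (vulnerable)
# handler and the hardened one. Both receive the raw "q" parameter value.


def render_search_vulnerable(query: str) -> str:
    # CWE-79: request data is placed into the response body as-is, so any
    # markup in "q" becomes part of the page the browser parses and executes.
    return f"<html><body><p>Results for: {query}</p></body></html>"


def render_search_fixed(query: str) -> str:
    # Same page, but the value is HTML-escaped for the text context it lands
    # in, so <, >, &, and quotes render as characters rather than as markup.
    safe = html.escape(query, quote=True)
    return f"<html><body><p>Results for: {safe}</p></body></html>"


def render_search_static(query: str) -> str:
    # Does not reflect the parameter at all; shows the "not reflected" outcome.
    return "<html><body><p>Results for your search</p></body></html>"


def handle_request(render, url: str) -> str:
    # Minimal stand-in for the HTTP layer: parse the query string, take "q",
    # hand it to the chosen renderer and return the response body.
    params = parse_qs(urlparse(url).query)
    return render(params.get("q", [""])[0])


# Constructed canary: a unique token wrapped in angle brackets. The token shows
# whether the value was reflected at all; the brackets show whether it came back
# without encoding. It is only a marker, not a script.
CANARY = "dastcanary7f3a"
PROBE = f"<{CANARY}>"


def classify_reflection(render, base_url: str = "http://app.example/search") -> str:
    """Return 'not-reflected', 'reflected-escaped' or 'reflected-unescaped'."""
    body = handle_request(render, f"{base_url}?q={quote(PROBE)}")
    if CANARY not in body:
        return "not-reflected"
    if PROBE in body:
        # Angle brackets survived unchanged: the response is a CWE-79 candidate.
        return "reflected-unescaped"
    return "reflected-escaped"


if __name__ == "__main__":
    for name, fn in [("vulnerable", render_search_vulnerable),
                     ("fixed", render_search_fixed),
                     ("static", render_search_static)]:
        print(f"{name:10s} -> {classify_reflection(fn)}")
```

Only the "reflected-unescaped" outcome is a finding; a value that is reflected but encoded for its context is the expected behaviour of the fixed handler. A real scanner also has to consider other output contexts (attribute values, JavaScript blocks, URLs), where HTML entity escaping alone is not sufficient.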