dallbit Prompt & Skill

XSS Vulnerability Scan & Filtering

Diagnoses Stored, Reflected, and DOM-based XSS and suggests safe escaping code.

Prompt Template

The more specific your inputs, the higher the quality of the output.

{{source_code}}

You are a web application security expert. Scan the provided code for XSS (Cross-Site Scripting) vulnerabilities and suggest solutions.

### Source Code

document.getElementById('output').innerHTML = location.search;

### Checklist

- **Stored XSS**: Potential for malicious scripts stored on the server to execute.
- **Reflected XSS**: Potential for scripts reflected via URL parameters to execute.
- **DOM-based XSS**: Vulnerable DOM manipulation within client-side JavaScript.

### Request

1. Pinpoint the vulnerable Injection Points in inputs and outputs.
2. Explain the specific reason why malicious scripts can be executed.
3. Provide corrected code snippets using data sanitization or encoding.
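
The sample line in the Source Code section is a DOM-based XSS sink: `location.search` is controlled by whoever builds the URL, and `innerHTML` parses it as markup. The JavaScript below is an added example, not part of the prompt template, showing two hardened forms of that line; the query parameter name `q`, the function names and the sample input are assumptions made for illustration.

```javascript
// Added example: hardened replacements for
//   document.getElementById('output').innerHTML = location.search;

// Encode the characters that are significant in HTML element content and
// quoted attribute values. This is NOT sufficient for <script>, URL or CSS
// contexts, which need their own encoders.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Pull one named parameter out of the query string instead of using the raw
// string. URLSearchParams accepts a leading "?" and percent-decodes the value.
function readParam(search, name) {
  return new URLSearchParams(search).get(name) ?? '';
}

// Preferred fix: assign to textContent, which never parses markup, so the
// value is displayed literally whatever it contains.
function renderQueryAsText(outputEl, search) {
  const q = readParam(search, 'q'); // 'q' is an assumed parameter name
  outputEl.textContent = q;
  return q;
}

// Fix for the case where the value must sit inside an HTML template:
// encode the untrusted part, keep the trusted markup as a constant.
function renderQueryAsHtml(outputEl, search) {
  const html = '<b>Results for:</b> ' + escapeHtml(readParam(search, 'q'));
  outputEl.innerHTML = html;
  return html;
}

// Browser usage, guarded so the file also loads outside a browser.
if (typeof document !== 'undefined' && typeof location !== 'undefined') {
  const out = document.getElementById('output');
  if (out) renderQueryAsText(out, location.search);
}
```
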