description = [[ It looks for places where attacker-controlled information in the DOM may be used to affect JavaScript execution in certain ways. The attack is explained here: http://www.webappsec.org/projects/articles/071105.shtml ]] --- -- @usage nmap -p80 --script http-dombased-xss.nse -- -- DOM-based XSS occur in client-side JavaScript and this script tries to detect -- them by using some patterns. Please note, that the script may generate some -- false positives. Don't take everything in the output as a vulnerability, if -- you don't review it first. -- -- Most of the patterns used to determine the vulnerable code have been taken -- from this page: https://code.google.com/p/domxsswiki/wiki/LocationSources -- -- @args http-dombased-xss.singlepages The pages to test. For example, -- {/index.php, /profile.php}. Default: nil (crawler mode on) -- -- @output -- PORT STATE SERVICE REASON -- 80/tcp open http syn-ack -- | http-dombased-xss: -- | Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=some-very-random-page.com -- | Found the following indications of potential DOM based XSS: -- | -- | Source: document.write("