1. Documentation
2. The ZAP Desktop User Guide
3. Add-ons
4. DOM XSS Active Scan Rule
5. DOM XSS Active Scan Rule - About

DOM XSS Active Scan Rule - About

Source Code

https://github.com/zaproxy/zap-extensions/tree/main/addOns/domxss

Authors

Aabha Biyani, and the ZAP Dev Team

History

Version 9 - 2019-06-12

• Use default browser when no browser is specified in the configuration rule.

Version 8 - 2019-06-07

• Run with Firefox headless by default (Issue 3866).
• Depend on newer version of Selenium add-on.

Version 7

• Issue 2918: Added an option to attack URL parameters.

Version 6

• Minor code changes.
• Add XSS Polyglot (Issue 2322).

Version 5

• Updated for 2.7.0.

Version 4

• Allow to use newer versions of Firefox (Issue 3396).
• Provide the reason why the scanner was skipped.