Cross-site Scripting (XSS) Testing


When testing Cross-site Scripting (XSS), I have inserted XSS payload into response HTML file. But it didn't execute. Does it mean XSS success or not?  what is the impact in this scenario?

Thanks very much

---------------------------
XSS payload:
%A7%A2%BE%Bc%F3%E3%F2%E9%F0%F4%Be%E1%Ec%E5%F2%F4%A8%A7Watchfire%20XSS%20Test%20Successful%A7%A9%Bc%Af%F3%E3%F2%E9%F0%F4%Be

HTML file:
.............
    <table style='table-layout:fixed' width="760" border="0" cellpadding="0" cellspacing="0" align="center">
      <col width=396>
        <col width=182>
          <col width=182>
            <form name="thisForm" method="post" action="Default.aspx?langid=en&quot;&amp;gs=RQ&amp;site=%A7%A2%BE%Bc%F3%E3%F2%E9%F0%F4%Be%E1%Ec%E5%F2%F4%A8%A7Watchfire%20XSS%20Test%20Successful%A7%A9%Bc%Af%F3%E3%F2%E9%F0%F4%Be" id="thisForm">
howruaz9Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
4ToNightConnect With a Mentor Commented:
0
 
Fadi SODAH (aka madunix)Connect With a Mentor Chief Information Security Officer, CISA, CISSP, CFR, ICATE, MCSE, CCNA, CCNP, CCIP, SCSC and SCECommented:
0
 
Fadi SODAH (aka madunix)Connect With a Mentor Chief Information Security Officer, CISA, CISSP, CFR, ICATE, MCSE, CCNA, CCNP, CCIP, SCSC and SCECommented:
I highly recommend that you read the Cross-Site Scripting paper available from the OWASP website at
http://www.owasp.org/index.php/Cross_Site_Scripting

You should also have a look at the OWASP Filters Project, which provides solutions for J2EE and PHP.
http://www.owasp.org/index.php/Category:OWASP_Filters_Project
0
 
howruaz9Author Commented:
4ToNight and madunix

Thank you very much for your help
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.