XSS Vulnerability Reproduction – Exchange Information Security Stacks

I have a Qualys web application scan report that says I have an XSS vulnerability. It is explained that this was detected by requesting a malicious payload and evaluating the answer.

If I make the same request, I get another answer that does not seem to be prone.

The request: https://my.site/asection/Some%20Param?">=

Answer the scanner receives:

=" class="current">

Answer I get:


Why can not I duplicate the results of the scanner? What do I have to do to get a clean scan?

xss – why is Javascript not displayed?

javascrip% 74 is not a valid schema for a production browser. It is evaluated in the URL encoding as javascrip% 2574.

For a list of valid protocols used in Chromium-based browsers, see the following file. I have highlighted the line with the & # 39; javascript & # 39; protocol. https://cs.chromium.org/chromium/src/url/url_constants.cc?dr=C&g=0&l=26

The processing of URLs can in turn be viewed in Chromium-based browsers in the source files: https://cs.chromium.org/chromium/src/url/origin.h?dr=CSs&g=0

Injection – How to inject XSS into Angular 1.5.11?

I found HTML injection on a site whose framework is angular 1.5.11 (vulnerable version by expression). And since I find no expression, I can not take advantage of Angular. but i found html injection which is answered by 400 bad request. and I have done some tags (img, a and others). Can not be executed (iframe, script and onload, onerror events do not work) because angle cleans them up.

Is this really vulnerable to an XSS attack?

I have a form in the mobile version of a page on my site starting with the following HTML: