
CVSS 3.0 score for reflected XSS vulnerability in GET parameter [closed]

Çağlar Arlı      -    30 Views

There is a website that allows searching for content (without the need for authentication). It uses a GET parameter named "query" to search, and it is vulnerable to reflected XSS. What is the CVSS 3.0 score in the following scenarios?

  1. Vulnerable to reflected XSS, but the HttpOnly flag is set and it is not possible to send a request to the attacker's website with JavaScript.
  2. Vulnerable to reflected XSS, but the HttpOnly flag is not set and it is not possible to send a request to the attacker's website with JavaScript.
  3. Vulnerable to reflected XSS, but the HttpOnly flag is not set and it is possible to send cookies to the attacker's website with JavaScript due to a misconfiguration in an HTTP header like CSP or a SameSite flag misconfiguration.