W-XSS-REFLECTEDImpact

Reflected XSS

Payload echoed back in the response — phish a victim into clicking the malicious URL to fire JS in their session.

§ Where this technique fits

W-XSS-REFLECTED is catalogued under the Impact tactic of the offensive-security kill-chain. It appears in 1 approved dossier in the registry, typically at step 2 on average.

§ Dossiers chaining this technique

Web cache poisoning → XSS → admin session hijack
An unkeyed header reflects into the response. Poison the cache with a payload, wait for an admin to fetch the cached page, exfiltrate their session.
step 2 / 6

§ What commonly comes next

01
Web Cache Poisoning
W-CACHE-POISON · Impact
seen 1×

§ Where this technique fits

§ Dossiers chaining this technique

Web cache poisoning → XSS → admin session hijack

§ What commonly comes next