title: Cross Site Scripting Strings id: 65354b83-a2ea-4ea6-8414-3ab38be0d409 status: experimental description: Detects XSS attempts injected via GET requests in access logs author: Saw Win Naung, Nasreddine Bencherchali date: 2021/08/15 modified: 2022/06/14 references: - https://github.com/payloadbox/xss-payload-list - https://portswigger.net/web-security/cross-site-scripting/contexts logsource: category: webserver detection: select_method: cs-method: 'GET' keywords: - '=