# DOM-based vulnerabilities

- [Lab 1: DOM XSS using web messages](/web/dom-based-vulnerabilities/lab-1-dom-xss-using-web-messages.md): https://portswigger.net/web-security/dom-based/controlling-the-web-message-source/lab-dom-xss-using-web-messages
- [Lab 2: DOM XSS using web messages and a JavaScript URL](/web/dom-based-vulnerabilities/lab-2-dom-xss-using-web-messages-and-a-javascript-url.md): https://portswigger.net/web-security/dom-based/controlling-the-web-message-source/lab-dom-xss-using-web-messages-and-a-javascript-url