Collaborate Disseminate
I’m having a hard time bypassing "
I tried every payload but nothing happened. The payload is
"><img src="data:xxx1" style=’aaa: ‘\"/onerror=alert(1)//” />
But it’s transformed to
<input class=&qu… Continue reading Bypass double quotes " transformed to "
I am new to web security, and I need your help in confirming things. As the title says, I am looking for and researching for a safe way to take in user input that may contain special characters/HTML/bbcode/script tags and safely store it i… Continue reading Best way to store user input that has HTML tags and <script> tags and display it on client side as is but still being safe from mainstream attacks
Can someone explain the difference between the Access-Control-Allow-Origin header and the Cross-Origin-Resource-Policy header?
According to MDN:
The Access-Control-Allow-Origin response header indicates whether the response can be shared … Continue reading Security Headers: Access-Control-Allow-Origin vs. Cross-Origin-Resource-Policy (CORP)
I’m working through all issues that the static security analysis tool Fortify found in our internal Angular application. There is one particular issue I’m not confident of how to work with. Please see the following code, which is the event… Continue reading XSS: window.location.href and window.open
The injection is inside an <input> element for an email address. The injection payload is ";"@site.com. Once submitted, local cookie information appears inside the actual input textbox.
I have a parameter whose value is injected in the HTML as the following
<script src="/dir1/dir2/dir3/dir4/INJECT_HERE"> </script>
I was able to traverse back to just / but when I enter my xss hunter payload (let say … Continue reading How to turn a relative path script (js) import to an absolue one with a url for XSS ? (more details below)
How does putting the alert function ‘-alert(1)-‘ into a search field, where it ends up inside a script tag actually break out of the script string?
Wouldn’t this just be interpreted as an empty string before and after the alert? And how d… Continue reading How does this break out of a javascript tag?
I’m doing bug bounty and have found a place where there may be some XSS but the IMG is always given an alt tag whenever I try (as a defense), any bypasses?
I have a WordPress plugin that helps create an organization chart/tree and then generates a URL where the chart is available to be viewed by the public.
The plugin dashboard looks like this
the plugin uses window alerts to input from the u… Continue reading What are vulnerabilities of saving user input directly in wordpress plugin?
I have a wordpress plugin that helps create an organization chart/tree and then generates a URL where the chart is available to be viewed by the public?
Inside the plugin’s view in WordPress dashboard. After we create a chart, we click gen… Continue reading What are the vulnerabilities of exposing url end point param?