f00bar 个人日志

XSS
1、双写绕过 <scr<script>ipt>alert(/xss/)</scrip...
扫描右侧二维码阅读全文
20
2018/03

XSS

1、双写绕过 <scr<script>ipt>alert(/xss/)</script>
2、大小写混淆 <sCRipt>alert</xss></script>
3、通过img、body等标签的事件或者iframe等标签的src注入恶意的js代码。

Last modification:January 6th, 2020 at 10:33 am

Comment here is closed