DOM XSS in innerHTML Sink: Bypassing a Dead-End  Tag With
Share

Why the “obvious” payload fails on an innerHTML sink, and what actually pops the alert.

 

<img src="https://cdn-images-1.medium.com/max/1536/1*_nGNsE4wNTwMqiSibS7s-A.png" title="DOM XSS in innerHTML Sink: Bypassing a Dead-End Tag With ” /> Why the “obvious” payload fails on an innerHTML sink, and what actually pops the alert.Continue reading on Medium » Read More JavaScript on Medium 

#java

By ali

Leave a Reply