摘要:
Portswigger web security academy:Stored XSS Stored XSS into HTML context with nothing encoded 题目要求 提交评论,调用alert函数 解题过程 直接祖传payload就行 Stored XSS into a 阅读全文
摘要:
Portswigger web security academy:Reflected XSS Reflected XSS into HTML context with nothing encoded 题目要求 调用alert函数 解题过程 请求: url/?search=asd 返回: <h1>0 阅读全文