如何使用跨站点脚本(XSS)进行测试

时间:2016-06-20 08:36:09

标签: testing xss

跨站点脚本(XSS)当我在输入框中使用alert标签时,它在源代码中转换为大写

2 个答案:

答案 0 :(得分:2)

请将重定向重定向到https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet 

<IMG SRC=X ONERROR="&#0000106&#0000097&#0000118&#0000097&#0000115&#0000099&#0000114&#0000105&#0000112&#0000116&#0000058&#0000097&#0000108&#0000101&#0000114&#0000116&#0000040&#0000039&#0000088&#0000083&#0000083&#0000039&#0000041">

tested-in-google-chrome-browser

答案 1 :(得分:-1)

IMG SRC=X ONERROR="javascript:alert('XSS')"
相关问题
最新问题