Detecting XSS Polyglots
vdun opened this issue · 0 comments
vdun commented
How could xssValidator detect this XSS [1] using this XSS-Polyglot [2] ?
[1] https://public-firing-range.appspot.com/reflected/parameter/body?q=/*-/*`/*\`/*%27/*%22/**/(/*%20*/oNcliCk=alert()%20)//%0D%0A%0d%0a//%3C/stYle/%3C/titLe/%3C/teXtarEa/%3C/scRipt/--!%3E\x3csVg/%3CsVg/oNloAd=alert()//%3E\x3e
[2] https://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot