All my decks
[CTRL+Enter] (1)
makandra dev (1)
makandra Curriculum (0)
makandra Operations (0)
DevOps Curriculum (0)

No results found in DevOps Curriculum.

Best results in other decks

makandra dev
Stephan Plöderl

Testing for XSS in Markdown Fields

github.com

...markdown from user input, an attacker might be able to use this to inject javascript code into the source code of your page. The linked github page is a collection...

...common markdown XSS payloads which is handy for writing tests. Producing arbitrary links: [Basic](javascript:alert('Basic')) [Local Storage](javascript:alert(JSON.stringify(localStorage))) [CaseInsensitive](JaVaScRiPt:alert('CaseInsensitive')) [URL](javascript://www.google.com...

Search in all decks
This website uses short-lived cookies to improve usability.
or learn more