source-git / python-lxml

Clone
Source Code
GIT

Files

  1.   d9acb67c9b615a0ad85ff8316fa45a8f0c5dd043
  2.   src
  3.   lxml
  4.   html
  5.   tests
  6.   hackers-org-data
  7.   xml-embedded-js.data
Blob Blame History Raw 
Description: Locally hosted XML with embedded JavaScript#XSS_Local_XML that is generated using an XML data island. This is the same as above but instead refers to a locally hosted (must be on the same server) XML file that contains your cross site scripting vector. You can see the result here <http://ha.ckers.org/xssxmltest.html>
    http://ha.ckers.org/xss.html#XSS_Local_XML

<div><XML SRC="xsstest.xml" ID=I></XML>
<SPAN DATASRC=#I DATAFLD=C DATAFORMATAS=HTML></SPAN></div>
----------
<div>
 <span></span>
</div>

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation