search

Effortlessly finding Cross Site Script Inclusion (XSSI) & JSONP for bug bounty

Bharat Dwarkani shared on Feb 05, 2020
image
medium.com
bookmarks
share
favorite_border0 visibility4
favorite_border0 visibility4 share bookmarks

innerHTML is a JavaScript tag whos property is used for DOM manipulation. More specifically, it "sets or returns the HTML content (the inner HTML) of an element." Ordinarily, this property is used to examine the current HTML source of the page, including any changes that have been made since the page was initially loaded. But, it can also be used for Cross-site Scripting(XSS).

Bharat Dwarkani shared on Jan 26, 2020
image
dev.to
bookmarks
share
favorite_border0 visibility6
favorite_border0 visibility6 share bookmarks

A JavaScript Polyglot is a Cross Site Scripting (XSS) vector that is executable within various injection contexts in its raw form, or a piece of code that can be executed in multiple contexts in the application. So, a JavaScript polyglot can be multiple things at once, like a JavaScript/JPEG

Bharat Dwarkani shared on Jan 26, 2020
image
dev.to
bookmarks
share
favorite_border0 visibility4
favorite_border0 visibility4 share bookmarks
add