• XSS game -xss学习

    网址

    https://xss-game.appspot.com/level1

    • 1

    Level 1: Hello, world of XSS

    payload:

    

    • 1

    漏洞产生处:

    message = "Sorry, no results were found for " + query + "."

    • 1

    Level 2: Persistence is key

    payload:

    

    • 1

    漏洞产生处:

    html += "
    " + posts[i].message + "
    • 1

    blockquote 标签之间的所有文本都会从常规文本中分离出来,块引用拥有它们自己的空间。