Web - Client
lundi 2 novembre 2020, 15:17 #1
CSP Bypass - Inline code
I have xss on the site, but I am not getting what to do next. I tried evaluating the FLAG_REDACTED but that did no help, no result.
What does this ’Only bot can view’ mean here ? hidden tags ? accessing varable ?
If accessing variable then I am having hard time fitting it inside alert
mercredi 20 janvier 2021, 20:56 #3
CSP Bypass - Inline code
yeah same problem, thx for the tip, anyway what is the best source on CSP ? is it "CSP Is Dead, Long Live CSP" ?