Web - Client
Monday 2 November 2020, 15:17 #1
CSP Bypass - Inline code
I have xss on the site, but I am not getting what to do next. I tried evaluating the FLAG_REDACTED but that did no help, no result.
What does this ’Only bot can view’ mean here? hidden tags? accessing varable?
If accessing variable then I am having hard time fitting it inside alert
Wednesday 20 January 2021, 20:56 #3
CSP Bypass - Inline code
yeah same problem, thx for the tip, anyway what is the best source on CSP? is it "CSP Is Dead, Long Live CSP" ?