Web - Client
dimanche 11 avril 2021, 19:13 #1
Web - Client | XSS - DOM Based
Hi,I have found the two injection points and I am able to inject code inside the object but I’m completely stuck now.
Everything is blocked, I cannot use quotes, brackets and location.href / location.assign etc...even if is encoded.
If there is a way to use functions with no brackets and quotes, could someone give me some docs where I can learn how to do it ?
In case pm me, if there is spolier.